"Clasiopa Hackers Use New Atharvan Malware in Targeted Attacks"

Researchers have spotted a hacker group, tracked as Clasiopa, targeting companies in the materials research industry with a Remote Access Trojan (RAT) called Atharvan. According to Symantec, there are clues pointing to Clasiopa being an Indian threat actor. However, due to the lack of evidence supporting any particular theory, attribution remains unclear. Although there is no definitive data indicating a specific initial infection vector, Symantec researchers uncovered signs that Clasiopa uses brute force to gain access to public-facing servers. Symantec reports that after compromising a machine, the attackers perform multiple operations, including verifying the IP address of the compromised system and disabling endpoint protection solutions by terminating their services. This article continues to discuss findings regarding the Clasiopa hacking group using Atharvan malware in targeted attacks.

Bleeping Computer reports "Clasiopa Hackers Use New Atharvan Malware in Targeted Attacks"
