The Space Pirates threat actor has been linked to a campaign targeting Russian IT organizations with a new malware, LuckyStrike Agent, discovered by Solar in November 2024. This group, known as Erudite Mogwai, specializes in espionage and the theft of confidential information, having attacked various government and high-tech sectors since 2017. The attacks involved other tools like Deed RAT and Stowaway. The group gained access through a compromised web service and spread through their target’s systems for 19 months before being detected.
"Erudite Mogwai is one of the active APT groups specializing in the theft of confidential information and espionage," Solar researchers said.
"The attackers gained access to the infrastructure by compromising a publicly accessible web service no later than March 2023, and then began looking for 'low-hanging fruit' in the infrastructure," Solar said.
Collection
[
|
...
]