Bill Toulas reports:
A new advanced persistent threat (APT) group named CloudSorcerer abuses public cloud services to steal data from Russian government organizations in cyberespionage attacks.
Kaspersky security researchers discovered the cyberespionage group in May 2024. They report that CloudSorcerer uses custom malware that uses legitimate cloud services for command and control (C2) operations and data storage.
Kaspersky notes that CloudSorcerer’s modus operandi is similar to CloudWizard APT’s, but their malware is distinct, leading security researchers to believe this is a new threat actor.
Read more at Bleeping Computer.