drive of a certain type, which is used for secure data storage. This cyber espionage campaign, dubbed TetrisPhantom, is targeting government organizations in the Asia-Pacific region.
The artifacts found during the investigation do not allow us to clearly attribute it to any known cybercriminal group. These and other findings are detailed in Kaspersky Lab's new quarterly report on the APT threat landscape.
The campaign was discovered in early 2023. The attackers covertly spied on and collected sensitive data from governments in the Asia-Pacific region. The targeted secure USB drives are used in the public sector worldwide, meaning that many more organizations could potentially fall victim to similar methods.
The attackers used various malware that allowed them to gain control over the victim's device. This allowed them to launch processes, execute commands, interact with the file system, collect data from compromised machines, and transfer it to other computers using the same or other protected USB drives as storage media.
According to Kaspersky Lab, the number of victims attacked was small, which confirms the targeted nature of the attack.
"Our investigation revealed a high level of sophistication in this campaign, as it used techniques such as software obfuscation through virtualization, low-level communication with USB drives, and self-propagation via attached secure USBs. This cyber-attack was carried out by highly skilled attackers with an interest in espionage activities on government networks," said Noushin Shabab, Senior Cybersecurity Researcher at the Global Research and Analysis Team (GReAT).
Kaspersky Lab experts did not find any overlap with previously known APT groups, but the investigation of this campaign is ongoing, and given its long-term nature, more sophisticated attacks are expected in the future.