A Russian state-sponsored hacking group tracked as Star Blizzard has adopted the DarkSword iOS exploit kit in an ongoing campaign, Proofpoint reports.
On Friday, investigation platform Malfors warned that a Russian threat actor has been using Atlantic Council lures in an email campaign delivering the DarkSword-linked GhostBlade malware.
Shortly after, Proofpoint attributed the campaign to Star Bli...
The strongest version of this narrative highlights a concerning evolution in Russian cyber operations: a state-sponsored group rapidly adopting leaked exploit tools to target a broader range of victims, including Apple devices previously considered more secure. The shift from attachments to links suggests tactical adaptation, possibly to evade detection, while the focus on credential harvesting aligns with intelligence-gathering objectives. The use of Atlantic Council lures indicates a continued...