Evilnum hackers return in new operation targeting migration orgs

The Evilnum hacking group is showing renewed signs of malicious activity, targeting European organizations that are involved in international migration.

Evilnum is an APT (advanced persistent threat) that has been active since at least 2018 and had its campaign and tools exposed only recently, in 2020.

At that time, ESET published a technical report describing the threat group's tactics against companies in the financial technology sector, using custom, "homemade" malware.

The latest exposure is thanks to the work of Zscaler's analysts, who tracked Evilnum's activity since the beginning of 2022, capturing various artifacts from the attacks.

Read more about it: here