AtlasCross

Description

(NSFOCUS) After an in-depth study of the attack process, NSFOCUS Security Labs found that this APT attacker is quite different from known attacker characteristics in terms of execution flow, attack technology stack, attack tools, implementation details, attack objectives, behavior tendency and other main attribution indicators. The technical level and cautious attitude shown by this attacker during this activity are also worthy of attention.

Therefore, NSFOCUS Security Labs identified the orchestrator of this event as a new attacker and named it AtlasCross.

NSFOCUS Security Labs validated the high-level threat attributes of AtlasCross in terms of development technology and attack strategy through an in-depth analysis of its attack metrics. At this current stage, AtlasCross has a relatively limited scope of activity, primarily focusing on targeted attacks against specific hosts within a network domain. However, the attack processes they employ are highly robust and mature. NSFOCUS Security Labs deduce that this attacker is highly likely to deploy this attack process into larger-scale network attack operations.

The organizational origin of the AtlasCross attacker cannot be determined.

Names

Name	Name-Giver
AtlasCross	NSFOCUS

Country

Unknown

Motivation

Information theft and espionage

First Seen

2023

Tools

Information

http://nsfocusglobal.com/warning-newly-discovered-apt-attacker-atlascross-exploits-red-cross-blood-drive-phishing-for-cyberattack/

Other Information

Uuid

44cf4c8d-c5b1-467a-a474-ed16373f0881

Last Card Change

2023-10-12

Threat Intelligence Garden

Explorer

AtlasCross

AtlasCross

Description

Names

Country

Motivation

First Seen

Tools

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks