MoustachedBouncer

Description

(ESET) MoustachedBouncer is a cyberespionage group discovered by ESET Research and first publicly disclosed in this blogpost. The group has been active since at least 2014 and only targets foreign embassies in Belarus. Since 2020, MoustachedBouncer has most likely been able to perform adversary-in-the-middle (AitM) attacks at the ISP level, within Belarus, in order to compromise its targets. The group uses two separate toolsets that we have named NightClub and Disco.

While we track MoustachedBouncer as a separate group, we have found elements that make us assess with low confidence that they are closely collaborating with another group known as Winter Vivern.

Names

Name	Name-Giver
MoustachedBouncer	ESET

Country

Belarus

Motivation

Information theft and espionage

First Seen

2014

Observed Sectors

Foreign embassies in Belarus

Observed Countries

Belarus

Information

https://www.welivesecurity.com/en/eset-research/moustachedbouncer-espionage-against-foreign-diplomats-in-belarus/

Other Information

Uuid

e6ac692d-4adb-403d-83c6-f0d8845a4866

Last Card Change

2023-09-06

Threat Intelligence Garden

Explorer

MoustachedBouncer

MoustachedBouncer

Description

Names

Country

Motivation

First Seen

Observed Sectors

Observed Countries

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks