Operation Rusty Flag

Description

(Deep Instinct) The operation has at least two different initial access vectors.

The operation is not associated with a known threat actor; the operation was instead named because of their novel malware written in the Rust programming language.

One of the lures used in the operation is a modified document that was used by the Tropical Scorpius, RomCom group. This could be a deliberate “false flag”.

Names

Name	Name-Giver
Operation Rusty Flag	Deep Instinct

Country

Unknown

Motivation

Information theft and espionage

First Seen

2023

Observed Countries

Azerbaijan

Information

https://www.deepinstinct.com/blog/operation-rusty-flag-a-malicious-campaign-against-azerbaijanian-targets

Other Information

Uuid

ae038cc4-4e81-4107-bfef-32646c33fb5d

Last Card Change

2023-10-12

Threat Intelligence Garden

Explorer

Operation Rusty Flag

Operation Rusty Flag

Description

Names

Country

Motivation

First Seen

Observed Countries

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks