Below is a short list of pseudo-APT campaigns launched in MSM by AV proxy/fake security "companies":
NOTE: The content of this list is originally from: http://www.kernelmode.info/forum/viewto ... =16&t=4423. If you are reading it elsewhere, please visit the original location.
- Rombertik - This terrifying malware destroys your PC if detected
  Campaign orchestrated by the so-called "Talos Group" from Cisco - low quality "security analysts" who don't know how popular compiler-generated file formats look. It was so advanced for them that it is surely a NationState APT.
- Gyges - Invisible Malware
  Campaign launched by SentinelLabs (now rebranded as SentinelOne) - a fraudware company. They introduced the popular ransomware Win32/Urasy as an invisible (sic) NationState-sponsored APT.
- Patchwork - The Copy-Paste APT
  Campaign launched by Cymmetria, serving as a proxy company. They unveiled how to create hype from GitHub open-source projects and script-kiddie blog posts. Of course it is a NationState APT.
- SFG - Furtim's parent
  Campaign from SentinelOne, started after they registered here and downloaded the sample from the above thread; after that they named this place the 'darkweb'. They represent a malware package with various Carberp code as a NationState APT.
Ring0 - the source of inspiration