When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
The attackers effort to conceal the attack didnt stop with polyglot files, either.
Proofpoint said Sosano connected to a remote server bokhoreshonline[.
]com to receive commands and potentially download further payloads.
Both groups historically focused on targeting aerospace aligned organizations.
Despite these similarities, Proofpoint assesses UNK_CraftyCamel to be a separate cluster of intrusion activity.
