COBALT ILLUSION is an advanced persistent threat (APT) that has been observed targeting various organizations in different industries, including government agencies and financial institutions. It is a highly sophisticated APT that uses multiple techniques to evade detection by security tools and gain access to sensitive information. The group behind COBALT ILLUSION is believed to be based in Russia or Eastern Europe and has been active since at least 2016, with the latest known activity dating back to late 2019.
Techniques, tactics and practices:
COBALT ILLUSION is a highly sophisticated APT that uses multiple techniques to evade detection by security tools and gain access to sensitive information. Some of the tactics, techniques, and practices used by COBALT ILLUSION include:
1. Spear-phishing emails - sending targeted email messages with malicious attachments or links designed to trick recipients into opening them.
2. Social engineering - using psychological manipulation to gain access to sensitive information through deception, such as pretending to be a trustworthy source of information.
3. Malware distribution - distributing malware through various channels, including email attachments and infected software downloads from legitimate websites.
4. Remote code execution (RCE) exploits - using vulnerabilities in software or operating systems to gain access to sensitive data without the user\'s knowledge.
5. Lateral movement techniques - moving around
COBALT ILLUSION | 0 user ratings | 2024-06-18 15:21:30 blscott - archive -- |
COBALT ILLUSION is an alternate name for the group known as APT35
Comments | new comment |
| Nobody has commented yet. Will you be the first? | |
Primary Names
| APT35 |
| Forum |
