APT Activity Report Q4 2023-Q1 2024: I-SOON, FishMonger, and MuddyWater

The I-SOON data leak has allowed us to identify FishMonger, a group notorious for the cyberattacks against Hong Kong universities back in 2019, as I-SOON. This contractor also developed a platform for tracking gambling activity, linking the group to Operation ChattyGoblin. MustangPanda conducted a series of attacks on cargo shipping companies in Norway, Greece, and the Netherlands, even compromising the ships’ systems. Since the Hamas-led attack on Israel in 2023, Iran-aligned groups have shifted focus to impact attacks. Visit W...

The I-SOON data leak has allowed us to identify FishMonger, a group notorious for the cyberattacks against Hong Kong universities back in 2019, as I-SOON. This contractor also developed a platform for tracking gambling activity, linking the group to Operation ChattyGoblin. MustangPanda conducted a series of attacks on cargo shipping companies in Norway, Greece, and the Netherlands, even compromising the ships’ systems. Since the Hamas-led attack on Israel in 2023, Iran-aligned groups have shifted focus to impact attacks. Visit WeLiveSecurity to read about other topics covered in the the latest ESET APT Activity Report.

Host:

Aryeh Goretsky, ESET Distinguished Researcher

Guest:

Robert Lipovský, ESET Principal Malware Researcher

Read more @WeLiveSecurity.com and @ESETresearch on Twitter

ESET Threat Reports and ESET APT Activity Reports