Cobalt Group ThreadKit Updates from October 2018
released on 2018-12-19 @ 11:47:07 AM
Since 2016, Cobalt Group used alexusMailer 2.0, also known as iPosylka, to send spearphishing emails containing malicious attachments to targets. In 2016, Cobalt Group targeted banks in Eastern Europe using lure attachments containing exploits, which when executed, allowed the group to compromise servers that controlled ATMs, stealing over $32,000 overnight from six ATMs in Eastern Europe.