Water Orthrus’s New Campaigns Delivers Rootkit and Phishing Modules
released on 2023-05-15 @ 03:58:39 PM
Since 2021, we have been tracking the activities of a threat actor we called Water Orthrus, which distributed CopperStealer malware via pay-per-install (PPI) networks. The threat actor has upgraded and modified the malware multiple times for different purposes, such as injecting network advertisements, acquiring personal information, and stealing cryptocurrency. We believe that they are associated with the threat campaign reported as “Scranos” in 2019.