Void Rabisu Targets Female Political Leaders with New Slimmed-Down ROMCOM Variant
released on 2023-10-17 @ 02:54:44 PM
Void Rabisu is an intrusion set associated with financially motivated ransomware attacks and targeted campaigns on Ukraine and its supporters. They've targeted various entities, including the Ukrainian government, military, energy sectors, EU politicians, and security conference participants. Void Rabisu uses the ROMCOM backdoor and combines tactics from both cybercriminals and nation-state-sponsored actors, exploiting vulnerabilities like CVE-2023-36884.