CharmingCypress: Innovating Persistence
released on 2024-02-13 @ 08:15:35 PM
This blog post describes targeted campaigns by the threat actor CharmingCypress that reveal a high level of effort dedicated to support their spear-phishing operations. CharmingCypress is highly committed to conducting surveillance on targets to determine how to manipulate them and deploy malware. The post documents new malware families associated with CharmingCypress campaigns in 2023-2024, including POWERLESS, BASICSTAR, and malware-laden VPN applications used to distribute NOKNOK and POWERLESS.