VERY IMPORTANT

BI.ZONE experts have been monitoring the activities of a threat group called Bloody Wolf since late 2023. This group targets organizations in Kazakhstan using STRRAT, a commercial malware known as Strigoi Master. The attackers employ phishing emails posing as communications from government agencies, with attached PDFs containing malicious links. These links lead to the download of STRRAT, along with a Java installation guide required for the malware's operation. The malware exhibits various capabilities, including keylogging, data exfiltration, remote control, and encryption of user files.