Operation Hidden Story

The InvisiMole threat group targeted the military, diplomacy, defense, and government sectors in Eastern Europe with an updated toolset. The malware used various techniques, including abusing legitimate applications, exploiting vulnerable executables, and using the EternalBlue and BlueKeep exploits for lateral movement. The group also used the Data Protection API (DPAPI) feature in Microsoft Windows for encryption, and DNS tunneling to communicate with command-and-control servers.
Name | Modified Date | Sources
Operation Hidden Story | 2020-06-19 |