Threat Landscape Dashboard

Assessing today's threats and the relationships between them

Operation xHunt CASHY200

The threat actor behind the operation is suspected of targeting government organizations in Kuwait with malicious Microsoft Word documents to drop a PowerShell backdoor known as CASHY200. The malware communicates with the actor's command and control servers using DNS tunneling to stay under the radar of security analyst.
Name Modified Date Sources
Operation xHunt CASHY200 2019-10-16