October 26, 2023 at 04:48AM A new threat actor called YoroTrooper, likely consisting of operators from Kazakhstan, has been identified. The group employs various tactics to hide their activities, including targeting Kazakhstani entities and using VPN exit nodes in Azerbaijan. YoroTrooper primarily uses spear-phishing and malware to steal data, and has now shifted to custom … Read more
October 25, 2023 at 04:51PM The YoroTrooper espionage group, which has been active since June 2022, appears to consist of individuals from Kazakhstan. The group has been targeting government entities in Azerbaijan, Kyrgyzstan, Tajikistan, and other CIS countries. They use Kazakh currency and languages, and have only targeted one institution in Kazakhstan. They rely on … Read more
October 25, 2023 at 01:38PM YoroTrooper, a Kazakhstan attack group known for phishing messages, poses as an Azerbaijani group. It primarily targets government entities in former Soviet republics but disguises its origin by hosting its infrastructure in Azerbaijan. However, researchers from Cisco Talos have concluded that the group is from Kazakhstan based on language preferences … Read more