DarkWatchman cybercrime malware returns on Russian networks
A financially motivated hacker group has targeted Russian companies across several industries in a new phishing campaign using a modified version of the DarkWatchman malware, researchers have found.
The group, known as Hive0117, has attacked firms in sectors including media, tourism, biotechnology, finance, energy and telecommunications, according to Russian cybersecurity firm F6.
In 2023, Western researchers spotted the group spoofing Russian government communications and sending phishing emails disguised as military conscription notices. DarkWatchman was part of that campaign.
Read more at The Record