RomCom RAT targets UK organizations through compromised customer feedback portals
The Russian-based threat group RomCom, also known as Storm-0978, Tropical Scorpius, and Void Rabisu, has been targeting UK companies in the retail, hospitality, and critical national infrastructure (CNI) sectors in a recently discovered cyber espionage and profit-driven operation called “Operation Deceptive Prospect.”
Active since at least 2022, RomCom has a history of blending espionage with cybercrime, often focusing on governmental and military entities, particularly those linked to Ukrainian affairs and NATO.
Read more at GB Hackers