

This list includes only research designated for public release


ChamelGang & Friends | Cyberespionage Groups Attacking Critical Infrastructure with Ransomware

Aleksandar Milenkoski, Julian-Ferdinand Vögele (Recorded Future)

26 June, 2024

Link



ChamelGang & Friends | Cyberespionage Groups Attacking Critical Infrastructure with Ransomware (Full Report)

Aleksandar Milenkoski, Julian-Ferdinand Vögele (Recorded Future)

26 June, 2024

Link



Doppelgänger | Russia-Aligned Influence Operation Targets Germany

Aleksandar Milenkoski

22 February, 2024

Link


Unmasking I-Soon | The Leak That Revealed China’s Cyber Operations

Dakota Cary, Aleksandar Milenkoski

21 February, 2024

Link


ScarCruft | Attackers Gather Strategic Intelligence and Target Cybersecurity Professionals

Aleksandar Milenkoski, Tom Hegel

22 January, 2024

Link


Gaza Cybergang | Unified Front Targeting Hamas Opposition

Aleksandar Milenkoski

14 December, 2023

Link



Sandman APT | China-Based Adversaries Embrace Lua

Aleksandar Milenkoski, Bendik Hagen (PwC), Microsoft Threat Intelligence

11 December, 2023

Link



The Israel-Hamas War | Cyber Domain State-Sponsored Activity of Interest

Tom Hegel, Aleksandar Milenkoski

24 October, 2023

Link



Sandman APT | A Mystery Group Targeting Telcos with a LuaJIT Toolkit

Aleksandar Milenkoski, in collaboration with QGroup

21 September, 2023

Link



Chinese Entanglement | DLL Hijacking in the Asian Gambling Sector

Aleksandar Milenkoski, Tom Hegel

17 August, 2023

Link



Comrades in Arms? | North Korea Compromises Sanctioned Russian Missile Engineering Company

Tom Hegel, Aleksandar Milenkoski

7 August, 2023

Link



Kimsuky Strikes Again | New Social Engineering Campaign Aims to Steal Credentials and Gather Strategic Intelligence

Aleksandar Milenkoski

6 June, 2023

Link



Kimsuky | Ongoing Campaign Using Tailored Reconnaissance Toolkit

Aleksandar Milenkoski, Tom Hegel

23 May, 2023

Link



Kimsuky Evolves Reconnaissance Capabilities in New Global Campaign

Tom Hegel, Aleksandar Milenkoski

4 May, 2023

Link




Transparent Tribe (APT36) | Pakistan-Aligned Threat Actor Expands Interest in Indian Education Sector

Aleksandar Milenkoski

13 April, 2023

Link




SmoothOperator | Ongoing Campaign Trojanizes 3CXDesktopApp in Supply Chain Attack

Juan Andres Guerrero-Saade, Asaf Gilboa, David Acs, James Haughom, Phil Stokes, SentinelLabs

29 March, 2023

Link



Operation Tainted Love | Chinese APTs Target Telcos in New Attacks

Aleksandar Milenkoski, Juan Andres Guerrero-Saade, Joey Chen, in collaboration with QGroup

23 March, 2023

Link




WIP26 Espionage | Threat Actors Abuse Cloud Infrastructure in Targeted Telco Attacks

Aleksandar Milenkoski, Collin Farr, Joey Chen, in collaboration with QGroup

16 February, 2023

Link




DragonSpark | Attacks Evade Detection with SparkRAT and Golang Source Code Interpretation

Aleksandar Milenkoski, Joey Chen, Amitai Ben Shushan Ehrlich

24 January, 2023

Link



NoName057(16) – The Pro-Russian Hacktivist Group Targeting NATO

Tom Hegel, Aleksandar Milenkoski

12 January, 2023

Link




The Mystery of Metador | Unpicking Mafalda’s Anti-Analysis Techniques

Aleksandar Milenkoski

1 December, 2022

Link



The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities

Juan Andres Guerrero-Saade, Amitai Ben Shushan Ehrlich, Aleksandar Milenkoski

22 September, 2022

Link



The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities (Full Report)

Amitai Ben Shushan Ehrlich, Aleksandar Milenkoski, Juan Andres Guerrero-Saade

22 September, 2022

Link



The Mystery of Metador | Technical Appendix

Aleksandar Milenkoski, Amitai Ben Shushan Ehrlich

22 September, 2022

PDF