11 matches found
$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims
Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last year, said it's suspending operations after it blamed Western intelligence agencies for a $13.74 million hack. The exchange said it fell victim to what it described as a large-scale cyber attack tha...
UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors
The threat activity cluster known as UnsolicitedBooker has been observed targeting telecommunications companies in Kyrgyzstan and Tajikistan, marking a shift from prior attacks aimed at Saudi Arabian entities. The attacks involve the deployment of two distinct backdoors codenamed LuciDoor and...
Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT
Introduction Stan Ghouls also known as Bloody Wolf is an cybercriminal group that has been launching targeted attacks against organizations in Russia, Kyrgyzstan, Kazakhstan, and Uzbekistan since at least 2023. These attackers primarily have their sights set on the manufacturing, finance, and IT...
Tomiris Shifts to Public-Service Implants for Stealthier C2 in Attacks on Government Targets
The threat actor known as Tomiris has been attributed to attacks targeting foreign ministries, intergovernmental organizations, and government entities in Russia with an aim to establish remote access and deploy additional tools. "These attacks highlight a notable shift in Tomiris's tactics, name...
Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan
The threat actor known as Bloody Wolf has been attributed to a cyber attack campaign that has targeted Kyrgyzstan since at least June 2025 with the goal of delivering NetSupport RAT. As of October 2025, the activity has expanded to also single out Uzbekistan, Group-IB researchers Amirbek Kurbanov...
ShadowSilk Hits 35 Organizations in Central Asia and APAC Using Telegram Bots
A threat activity cluster known as ShadowSilk has been attributed to a fresh set of attacks targeting government entities within Central Asia and Asia-Pacific APAC. According to Group-IB, nearly three dozen victims have been identified, with the intrusions mainly geared towards data exfiltration...
Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks
A previously undocumented threat actor known as Silent Lynx has been linked to cyber attacks targeting various entities in Kyrgyzstan and Turkmenistan. "This threat group has previously targeted entities around Eastern Europe and Central Asian government think tanks involved in economic decision...
YoroTrooper: Researchers Warn of Kazakhstan's Stealthy Cyber Espionage Group
A relatively new threat actor known as YoroTrooper is likely made up of operators originating from Kazakhstan. The assessment, which comes from Cisco Talos, is based on their fluency in Kazakh and Russian, use of Tenge to pay for operating infrastructure, and very limited targeting of Kazakhstani...
Cyber Attacks Strike Ukraine's State Bodies in Espionage Operation
The Computer Emergency Response Team of Ukraine CERT-UA has warned of cyber attacks targeting state bodies in the country as part of an espionage campaign. The intrusion set, attributed to a threat actor tracked by the authority as UAC-0063 since 2021, leverages phishing lures to deploy a variety...
Meta Takes Down Fake Facebook and Instagram Accounts Linked to Pro-U.S. Influence Operation
Meta Platforms on Tuesday said it took down a network of accounts and pages across Facebook and Instagram that were operated by people associated with the U.S. military to spread narratives that depicted the country in a favorable light in the Middle East and Central Asia. The network, which...
kyrgyzstan.dimex.ws Cross Site Scripting vulnerability OBB-1223651
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...