New PEAPOD Cyberattack Campaign Targeting Women Political Leaders
Oct 13, 2023
Endpoint Security / Cyber Attack
European Union military personnel and political leaders working on gender equality initiatives have emerged as the target of a new campaign that delivers an updated version of RomCom RAT called PEAPOD . Cybersecurity firm Trend Micro attributed the attacks to a threat actor it tracks under the name Void Rabisu , which is also known as Storm-0978, Tropical Scorpius, and UNC2596, and is also believed to be associated with Cuba ransomware. The adversarial collective is something of an unusual group in that it conducts both financial motivated and espionage attacks, blurring the line between their modes of operation. It's also exclusively linked to the use of RomCom RAT. Attacks involving the use of the backdoor have singled out Ukraine and countries that support Ukraine in its war against Russia over the past year. Earlier this July, Microsoft implicated Void Rabisu to the exploitation of CVE-2023-36884 , a remote code execution flaw in Office and Windows HTML, by using spe