Risky Bulletin Newsletter
October 27, 2023
Risky Biz News: First Kazakhstan-based APT discovered, tries to disguise itself as Azerbaijan
Presented by

News Editor
In a blog post this week, researchers with Cisco Talos have formally linked a cyber-espionage group named YoroTrooper to Kazakhstan, making it the first official APT group operating out of the country.
First spotted in the wild in June 2022, the group has followed the pattern of most nascent cyber espionage programs, starting with run-of-the-mill commodity malware and slowly moving to custom capabilities in recent attacks.
Throughout the past year, the group has primarily targeted former Soviet states in what appears to be a classic intelligence collection operation meant to support Kazakhstan's state objectives.