The Sofacy Group is a cyber-espionage group with ties to the Russian government. They have been operating since 2007, and also have a history of targeting security organizations, government, and military.
Victims of Russian malware have been identified in Eastern Europe and Central Asia, US Cyber Command said.
ComRAT and Zebrocy are malicious malware
Both ComRAT and Zebrocy have been extensively used by Russia-based hacking groups. They both evolved from the old Agent.BTZ malware.
According to an ESET report, both ComRAT and Zebrocy have been used to target ministries of foreign affairs, embassies, and a parliament. There have been international victims of both malware in the US, Eastern Europe, and Central Asia.
Information about ComRAT and Zebrocy has been published in the past by privately-owned security vendors. This is the first time these advisories have been published by government agencies that specialize in cybersecurity.
The purpose of this recent US government advisories and exposé is to issue an alert about recent versions of these hacking tools. Hopefully, system administrators can add detection rules and update privacy and protection measures.
