ESET Resource Center

APT Activity Report T3 2022: Sandworm Deploying its Enhanced Wiper Arsenal

January 2023

ESET APT Activity Report T3 2022 summarizes the activities of selected advanced persistent threat (APT) groups that were observed, investigated, and analyzed by ESET researchers from September until the end of December 2022.

In the monitored timespan, Russia-aligned APT groups continued to be particularly involved in operations targeting Ukraine, deploying destructive wipers and ransomware. Among many other cases, ESET researchers detected the infamous Sandworm group using a previously unknown wiper against an energy sector company in Ukraine.

ESET researchers also detected a MirrorFace spearphishing campaign targeting political entities in Japan and noticed a gradual change in the targeting of some China-aligned groups. Iran-aligned groups continued to operate at a high volume – besides Israeli companies, POLONIUM also started targeting foreign subsidiaries of Israeli companies. In various parts of the world, North Korea-aligned groups used old exploits to compromise cryptocurrency firms and exchanges.

In addition, a cyberespionage group that targets high-profile government entities in Central Asia has been discovered, and ESET researchers named it SturgeonPhisher.
