More details on a “Russian-speaking cyber espionage group” best known at Nebulous Mantis have been uncovered by Swiss cybersecurity firm PRODAFT. The group targets high-profile assets, ranging from vital infrastructure to “NATO-related defense organizations.” They specialize in advanced phishing attacks that deploy a remote access trojan called RomCom. PRODAFT’s findings highlight the level of sophistication being utilized by threat actor to execute criminal data retrieval.
