Kasablanka

Also known as: Kasablanka

The Kasablanka group is a cyber-criminal organization that has specifically targeted Russia between September and December 2022, using various payloads delivered through phishing emails containing socially engineered lnk files, zip packages, and executables attached to virtual disk image files.

🌍 Country Morocco

Introduction

The Kasablanka group is a cyber-criminal organization that has specifically targeted Russia between September and December 2022, using various payloads delivered through phishing emails containing socially engineered lnk files, zip packages, and executables attached to virtual disk image files.

Activities and Tactics

Country of Origin: 🏳️ Morocco

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.

Malware and Tools

  • CyberGate
  • Cyber Eye RAT

Attribution and Evidence

Country of Origin: Morocco Additional attribution information pending cataloguing.

References

References pending cataloguing.