In July 2021, Nocturnus - the Cybereason Threat Research and Intelligence team - was called to investigate an espionage campaign targeting Aerospace and Telecommunications companies globally. Their investigation resulted in the discovery of a new threat actor dubbed MalKamak that has been operating since at least 2018, and a new and sophisticated RAT (remote access trojan) dubbed ShellClient that abuses Dropbox for C2 (command and control).
Assaf Dahan - Senior Director and Head of Threat Research at Nocturnus - delves into the investigation titled, Operation GhostShell: Novel RAT Targets Global Aerospace and Telecoms Firms - check it out...