Security researchers with Qihoo 360 have uncovered a large cyber campaign targeting Kazakhstan. According to the report, a threat actor with considerable financial and technical resources is targeting government agencies, businesses, educational institutions as well as numerous individuals including members of the military, foreign diplomats, researchers, journalists religious figures and government dissidents. The campaign involves both spear phishing and on-the-ground operations aimed at obtaining physical access to devices.
Qihoo attributed the activity to Golden Falcon (or APT-C-34). Kaspersky says that this group, which it refers to as DustSquad, has been active since at least 2017. Qihoo researchers managed to obtain a Golden Falcon database containing the private data of victims in over a dozen cities in Kazakhstan.
Read more: Extensive hacking operation discovered in Kazakhstan