A large-scale information-stealing malware operation, comprising thirty distinct campaigns and targeting a wide range of user demographics and system platforms, has been identified and attributed to a cybercriminal group known as “Marko Polo.”
The threat actors employ multiple distribution methods, including malicious advertising (malvertising), spearphishing, and brand impersonation within the online gaming, cryptocurrency, and software sectors, to disseminate fifty malware variants, such as AMOS, Stealc, and Rhadamanthys. According to Recorded Future’s Insikt Group, which has been actively monitoring the Marko Polo operation, the campaign has affected thousands of individuals, potentially resulting in financial losses amounting to millions of dollars.
Given the extensive reach of the Marko Polo campaign, Recorded Future’s Insikt Group estimates that tens of thousands of devices have likely been compromised globally, exposing sensitive personal and corporate data.
This poses substantial risks to consumer privacy and business continuity. Almost certainly generating illicit revenue in the millions, this operation underscores the broader economic ramifications of such cybercriminal activities.