Earth Baku Unleashes Custom Tools to Maintain Persistence & Steal Sensitive Data

Earth Baku, an APT actor linked to APT41, has expanded operations from the Indo-Pacific to Europe, the Middle East, and Africa since late 2022, targeting countries including Italy, Germany, the UAE, and Qatar. The group leverages compromised IIS servers to deploy sophisticated malware like StealthVector, StealthReacher, and the modular SneakCross backdoor. These tools, employing techniques …