Space Pirates Turn Cyber Sabers on Russian, Serbian Organizations

The attackers have expanded beyond backdoors and recently started using Deed RAT to step up their attacks.

Dark Reading Staff, Dark Reading

August 1, 2023

1 Min Read
toy pirate boat floating in front of moon
Source: Xan Gasalla via Alamy Stock Photo

Since late 2019, the Space Pirates cybercrime group has focused its efforts on espionage and data theft. But in recent months, researchers have noticed changes in methodology, indicating the group has unlocked a treasure trove of new technical know-how.

Not only have the Space Pirates run up the number of attacks in recent months, they've been using new, unconventional malware and techniques, researchers with Positive Technologies warn. Once reliant almost exclusively on backdoors, the Pirates have recently started using Deed RAT in significantly ramped-up attacks against Russian companies, the researchers said in their latest report.

"The Space Pirates group uses a large number of publicly available tools for navigating networks," the report said. "The hackers also use Acunetix to reconnoiter infrastructures it targets. Meanwhile, the group's tactics have hardly changed."

Over the past year, Positive Technologies said at least 17 organizations have been victims of Space Pirates' cyberattacks on critical infrastructure, including Russian and Serbian institutions spanning government, defense, education, agriculture, energy, and information security.

"The cybercriminals' main goals are still espionage and theft of confidential information, but the group has expanded its interests and the geography of its attacks," Positive Technologies said in its report.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights