| SYMBOL | COMMON_NAME | aka. SYNONYMS |
Angry Likho is an APT group that has been active since 2023, primarily targeting large organizations and government agencies in Russia and Belarus. Their attacks typically involve spear-phishing emails with malicious attachments, such as RAR archives, and utilize a known payload, the Lumma stealer, for data exfiltration. The group employs a compact infrastructure and has been linked to espionage activities, particularly in sectors like aviation and pharmaceuticals. Their operations have shown a focus on collecting sensitive information, including cryptowallet files and user credentials.
There are currently no families associated with this actor.
| 2025-02-21
⋅
Kaspersky Labs
⋅
Angry Likho: Old beasts in a new forest Lumma Stealer Angry Likho |
| 2024-06-06
⋅
Morphisec
⋅
Howling at the Inbox: Sticky Werewolf’s Latest Malicious Aviation Attacks Angry Likho |