Goodbye HTA, Hello MSI: New TTPs and Clusters of an APT driven by Multi-Platform Attacks

Author(s): Sathwik Ram Prakki
Organization: Seqrite

Open article directly Open article on Archive.org

2026-03-17 ⋅ Seqrite ⋅ Sathwik Ram Prakki
Operation GhostMail: Russian APT exploits Zimbra Webmail to Target Ukraine State Agency
Unidentified JS 007 (Zimbra Stealer)

2025-11-03 ⋅ Seqrite ⋅ Sathwik Ram Prakki, Subhajeet Singha
Operation Peek-a-Baku: Silent Lynx APT makes sluggish shift to Dushanbe
Laplas (Reverseshell) SilentSweeper YoroTrooper

2025-10-31 ⋅ Seqrite ⋅ Sathwik Ram Prakki
Operation SkyCloak: Tor Campaign targets Military of Russia & Belarus

Propose Change Goodbye HTA, Hello MSI: New TTPs and Clusters of an APT driven by Multi-Platform Attacks