FamousSparrow APT Expands Targeting to Azerbaijani Energy Sector
ID: b6fc7169-c7ba-53d8-bb3d-0e63f8b3e4af
STIX ID: report--b6fc7169-c7ba-53d8-bb3d-0e63f8b3e4af
Feed Name: ThreatCluster
Threat Score
**FamousSparrow APT expands into Azerbaijani energy sector:** From late December 2025 to February 2026, the China-aligned APT FamousSparrow conducted a multi-wave cyber-espionage campaign against an Azerbaijani oil and gas company, employing evolved DLL sideloading to deploy Deed RAT and Terndoor backdoors, demonstrating increased evasion, persistence, and a notable shift of targeting into the South Caucasus energy infrastructure.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.