South Korean Organizations Targeted by Cobalt Strike “Cat” Delivered by a Rust Beacon
ID: f1566689-e939-5ad4-9143-6740b58e657a
STIX ID: report--f1566689-e939-5ad4-9143-6740b58e657a
Feed Name: Hunt.io Blog
Hunt researchers discovered a briefly exposed open directory hosting tools and artifacts from an intrusion campaign targeting over 1,000 South Korean domains. The actor used reconnaissance tools (dirsearch, Web-SurvivalScan) and SQLMap for injection and data theft, and deployed modified Cobalt Strike Cat beacons delivered via MinGW- and Rust-compiled loaders that decode Marte shellcode. Logs showed active victim check-ins and operator access.
