Understanding the Snake's Habits: New ReaverBits Tools in Attacks on Russian Companies
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
The ReaverBits cybercriminal group, active since late 2023, has been conducting targeted attacks on Russian organizations in key sectors. Their recent activities, observed between September 2024 and January 2025, showcase an evolution in their tactics and malware arsenal. The group continues to use spoofing methods in phishing attacks and stealer-class malware, but has introduced new tools including the publicly available Meduza Stealer and the unique ReaverDoor malware. Their attacks involve sophisticated infection chains, utilizing modified open-source tools as downloaders and complex encryption schemes. The group's persistence and adaptability are evident in their continued focus on Russian targets and the development of more advanced malware, indicating preparations for potentially larger-scale attacks.
OPENCTI LABELS :
meduza stealer,bitbucket,reaverdoor
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Understanding the Snake's Habits: New ReaverBits Tools in Attacks on Russian Companies