According to a recent threat report published by CyberHunter_NL, the threat group Cloud Atlas has been identified as using a new tool called VBCloud.
This backdoor is aimed at victims in Eastern Europe and Central Asia, a region the group has targeted for more than 10 years.
Cloud Atlas, a sophisticated actor group, has been observed employing a range of tactics against its victims. Its primary goal is the theft of sensitive data, which can be particularly damaging for organizations that rely heavily on cloud-based services.
The report highlights several key findings regarding Cloud Atlas’ TTPs:
- Strategic Web Compromises: Targeting websites and domains belonging to specific industry sectors or geographic regions.
- Adversary-in-the-Middle: Intercepting communications between servers, devices, or networks.
Cloud Atlas has also been observed using multiple attack vectors to compromise its targets. These include:
- Access Vector: Cloud Atlas deployed the Amadey bot malware, which is associated with cybercriminal activity, as a delivery mechanism for its own tooling. In addition, the group leveraged a backdoor attributed to Storm-1837 to install its malware.
Tools and Infrastructure
Cloud Atlas utilized tools and infrastructure from other threat actors, including:
- Amadey bot malware
- Tavdig and KazuarV2 backdoors
Techniques Exploited for Execution of Attacks
The report emphasizes the importance of initial access. Cloud Atlas relies on techniques such as spear-phishing to gain a first foothold.
Spear phishing is widely used by adversary groups to bypass security defenses: a targeted message tricks a user into divulging sensitive information or running attacker-supplied content, which the adversary then uses to carry out further attacks and exploits.
Recommendations
Based on the threat report, several recommendations can be made for improving cybersecurity posture:
- Monitor for activity attributed to known adversary groups.
- Implement strict security controls around access to sensitive systems.
- Regularly update software packages so that exploitable vulnerabilities, including newly disclosed (zero-day) ones, are closed as quickly as possible.
- Implement layered web and network security mechanisms.
References
Securelist article “cloud-atlas-attacks-with-new-backdoor-vbcloud”