ESET Services

Optimize your ESET experience with expert support.

MSP & Partnerships

Become an ESET managed service provider.

ESET Resource Center

APT Activity Report T3 2022: Sandworm Deploying its Enhanced Wiper Arsenal

January 2023

APT Activity Report T3 2022: Sandworm Deploying its Enhanced Wiper Arsenal

ESET APT Activity Report T3 2022 summarizes the activities of selected advanced persistent threat (APT) groups that were observed, investigated, and analyzed by ESET researchers from September until the end of December 2022.

In the monitored timespan, Russia-aligned APT groups continued to be particularly involved in operations targeting Ukraine, deploying destructive wipers and ransomware. Among many other cases, ESET researchers detected the infamous Sandworm group using a previously unknown wiper against an energy sector company in Ukraine.

ESET researchers also detected a MirrorFace spearphishing campaign targeting political entities in Japan and noticed a gradual change in the targeting of some China-aligned groups. Iran-aligned groups continued to operate at a high volume – besides Israeli companies, POLONIUM also started targeting foreign subsidiaries of Israeli companies. In various parts of the world, North Korea-aligned groups used old exploits to compromise cryptocurrency firms and exchanges.

In addition, a cyberespionage group that targets high-profile government entities in Central Asia has been discovered, and ESET researchers named it SturgeonPhisher.

Don't miss out

PREMIUM CONTENT

WHITE PAPERS


Prevention first: Leveraging Cyber Threat Intelligence for Proactive Defense

Explore the current challenges of prevention, how closely is prevention intertwined with CTI, and what new features are part of the ESET Threat Intelligence. Read for free!

PREMIUM CONTENT

WHITE PAPERS


Cybersecurity in an AI-turbocharged Era

AI can be used for both good and evil. Find out how it transforms the world of digital security, how cybercriminals use it, and how ESET leverages the technology to keep you secured.

PREMIUM CONTENT

HANDBOOKS


Prevention first: Minimizing the Attack Surface and Closing Compliance Gaps

Prevention is key when protecting your company against threats. Learn about mobile protection, cloud protection, and the benefits of managing them from one console.
 

Ready for next step?

Enter the world of enterprise protection