The YoroTrooper hacker group is targeting energy organizations in the Commonwealth and European embassies.
Its first activity was tracked in 2022.
The threat actor has hacked the accounts of a critical European Union agency engaged in healthcare, the World Intellectual Property Organization, and numerous European embassies.
- YoroTrooper uses information stealers, remote access trojans, and Python-based malware.
- Its preferred threat vector is phishing via emails that contain malicious attachments.
- The group has previously been tied to cyberattacks that breached targets in Belarus and Azerbaijan.