<ul data-eligibleForWebStory="true"><li>Rare Werewolf hackers target Russian devices for cryptojacking and data theft.</li><li>The group utilizes advanced phishing techniques, posing as legitimate organizations to infiltrate systems.</li><li>Crypto mining by the hackers starts at 1 a.m. and ends at 5 a.m. to remain undetected.</li><li>Phishing emails kick off the Rare Werewolf campaign, leveraging Russian language and password-protected archives.</li><li>Malware from opened files grants hackers remote access to victims' systems.</li><li>XMRig software is deployed for crypto mining while stealing log-ins and operational data.</li><li>The hackers evade detection by using legitimate third-party tools and scheduled system operations.</li><li>The campaign targets industrial and academic institutions in Russia, Belarus, and Kazakhstan.</li><li>Detection is complicated by PowerShell scripts and batch files managing system wake-sleep cycles.</li><li>Rare Werewolf attacks suggest vulnerabilities in organizational cybersecurity in Russia and CIS countries.</li><li>Organizations are advised to strengthen email security, monitor unauthorized access, and update antivirus software.</li></ul>

Rare Werewolf Hackers Target Russian Devices for Crypto Theft

Discover more