Russia-linked APT group Secret Blizzard has used the tools and infrastructure of at least 6 other threat actors during the past 7 years.
The Secret Blizzard threat actor compromises the infrastructure of the Pakistan-based threat actor Storm-0156 to conduct cyber espionage campaigns in South Asia.
Researchers confirmed that Secret Blizzard deploys backdoors, clipboard monitors, and other espionage tools using Storm-0156 infrastructure.
Secret Blizzard targets Afghan government entities and accesses exfiltrated data from Indian military and defense institutions.