lab52

In addition to the two previous units, which have gained prominence from the information brought to light in 2018, the GRU has other Military Units linked to signal intelligence, cybersecurity or information warfare. Some of which we can find data in public sources are the following: Military Unit 11135 (18th Central Research Institute). Historically ([1]) the Central […]

In the middle of this year, from Lab52, thanks to our automated IOCs extraction and search system (hashes, domains, etc…), a match was found with a hash that we had in our database. The coincidence occurred in an email sent on May 14 of this year. When checking the log of the mail gateways, it […]

During the last months, Lab52 has been monitoring an infection campaign that is using different kinds of threats. One of these threats is Vengeance Justice Worm, also known as Vjw0rm, which is developed in Javascript. This is a type of malware capable of acting as a RAT or spreading through removable devices, thus doing worm […]

Executive summary The following report shows an analysis of several hybrid strategies that presumably Iran usually carries out against its national and international enemies. Currently, it is important to analyze how the Iranian Defense structures are composed to develop and execute from the State the cyberattacks and hybrid operations. Moreover, in the report there is […]