A not so Fancy game. Exploring the new “SkinnyBoy” Bear’s backdoor

APT + Intelligence Cluster25 todayJune 3, 2021

This paper presents an analysis of a new and never publicly reported malware internally dubbed as SkinnyBoy.

Based on long-term observations and technical evidences, Cluster25 cyber intelligence research team associates this implant, with medium-high degree of confidence, with the threat actor known as APT28 / Fancy Bear / Pawn Storm.

Download Cluster25 Report

Written by: Cluster25

Tagged as: , , , , , , , .

Previous post

General Cluster25 / February 15, 2021


This is the welcome post for Cluster25 threat intelligence research blog. Through this space, the team will share analysis and evidence relating to internal global threat hunting activities. Happy reading!

Similar posts

Post comments (0)

Leave a reply

Your email address will not be published. Required fields are marked *