A not so Fancy game. Exploring the new “SkinnyBoy” Bear’s backdoor

APT + Intelligence Cluster25 todayJune 3, 2021

This paper presents an analysis of a new and never publicly reported malware internally dubbed as SkinnyBoy.

Based on long-term observations and technical evidences, Cluster25 cyber intelligence research team associates this implant, with medium-high degree of confidence, with the threat actor known as APT28 / Fancy Bear / Pawn Storm.

Download Cluster25 Report

Written by: Cluster25

Tagged as: , , , , , , , .

Previous post

General Cluster25 / February 15, 2021


This is the welcome post for Cluster25 threat intelligence research blog. Through this space, the team will share analysis and evidence relating to internal global threat hunting activities. Happy reading!

Similar posts

APT Cluster25 / September 10, 2021

A RattleSnake in the Navy

Recent geopolitical events are leading to an increase in cyber operations in the Central Asian region. Among the actors involved in these activities there are certainly those believed to be close to the Indian government, such as RattleSnake. It is probably currently engaged in supporting a policy of raising the current Indian internal securiry levels ...

Read more trending_flat