The Nomadic Octopus operation, also known as DustSquad, has launched a new intelligence-driven surveillance campaign, Paperbug, aimed at Tajikistan's public service entities, telecommunications providers, and government officials, reports The Hacker News.
Attacks by Nomadic Octopus commenced with the compromise of a telecommunications firm's network, which was then followed by the targeting of more than 12 government networks and operational technology devices with known security flaws, according to a PRODAFT report. Operation Paperbug also involved the use of an updated Octopus malware variant with screenshot capturing, remote command execution, and file upload and download capabilities.
While Nomadic Octopus has already compromised 499 systems since January 2022, researchers noted that the group lacks advanced toolsets and did not mind its activity being seen.
"This imbalance between the operator skills and importance of the mission might indicate that the operators have been recruited by some entity which provided them a list of commands that need to be executed on each machine exactly. The operator follows a checklist and is forced to stick to it," said researchers.