Cloud Atlas cyberattacks against Russia, others ramp up

Russia, Belarus, and certain areas in Ukraine and Moldova have faced escalating cyberattacks from the Cloud Atlas cyberespionage operation since the beginning of the Russia-Ukraine war, according to The Record, a news site by cybersecurity firm Recorded Future. Cloud Atlas has primarily conducted template injection attacks exploiting Microsoft Word to deliver malicious payloads, a Check Point report showed. A separate report from Positive Technologies noted that Cloud Atlas has been using malicious documents purporting to be government statements, business proposals, and media articles, which bypass antivirus detection because they contain only a link to the exploit-containing template. Cloud Atlas also appears to have prepared for the attacks aimed at Russia and its supporters, as evidenced by the lack of any public information regarding the victims, according to Positive Technologies researchers. "We predict that the group will continue to operate, increasing the complexity of its tools and attack techniques due to the fact that it has once again attracted the attention of researchers," said researchers.
