The cybersecurity company Kaspersky disclosed that a hacker organization named Librarian Ghouls (also known as Rare Werewolf) has been attacking hundreds of Russian devices since December 2024 through malicious phishing emails disguised as official documents, specifically targeting industrial enterprises and engineering schools, affecting Belarus and Kazakhstan. The organization disables security systems via remote connections and runs cryptocurrency mining software between 1 AM and 5 AM, leveraging the devices' RAM, CPU, and GPU for optimized mining. Kaspersky speculates that they may be hacker activists, as they rely on legitimate third-party software rather than homemade malicious programs. (Cointelegraph)