The Kaspersky Laboratory has detected activity from the hacker group Librarian Ghouls, which has been conducting night cyberattacks on Russian enterprises and technical universities since December 2024. The attackers operate from 01:00 to 05:00 local time, using phishing emails with password-protected archives containing malware. Their goal is to gain remote access to devices, steal credentials and cryptowallet keys, as well as install miners for illegal cryptocurrency mining.
The group, also known as Rare Werewolf and Rezet, uses legitimate software, making their detection difficult. After gathering data, the hackers erase traces of their activity by shutting down infected devices at 05:00. Experts suggest that Librarian Ghouls may be hacktivists acting with political motives.
The Kaspersky Laboratory recommends that enterprises regularly update software, use reliable antivirus solutions like Kaspersky Symphony, and train employees in digital literacy to protect against phishing.
This threat underscores the importance of cybersecurity amid the rise of cryptocurrency mining. Stay tuned for news to protect your data! Subscribe to #MiningUpdates
#CyberSecurity #LibrarianGhouls #Kaspersky #CryptoMining #Hacking #Phishing #Web3 #CryptoNews