Operation Storming Tide: A massive multi-stage intrusion campaign
#Mora_001 #Matanbuchus #SystemBC
https://fortgale.com/blog/defence/operation-storming-tide/

In February 2026, the Fortgale Incident Response team investigated a multi-stage intrusion attributed to Mora_001, a Russian-origin threat actor exploiting Fortinet vulnerabilities. The campaign, internally dubbed "FortiSync Quasar," revealed an evolution from ransomware operations to strategic espionage, deploying Matanbuchus 3.0, Astarion RAT, and SystemBC. Rapid containment prevented any data exfiltration.

Fortgale Blog

Security researchers reveal campaign distributing malware through Microsoft Teams

Attack:
- Attackers impersonate IT helpdesk
- Trick users into downloading the Matanbuchus loader
- The loader in turn can collect information, run commands, and download other malware

#cybersecurity #socialengineering #Matanbuchus

https://www.bleepingcomputer.com/news/security/microsoft-teams-voice-calls-abused-to-push-matanbuchus-malware/

Microsoft Teams voice calls abused to push Matanbuchus malware

The Matanbuchus malware loader has been seen being distributed through social engineering over Microsoft Teams calls impersonating IT helpdesk.

BleepingComputer

Microsoft Teams Exploited to Deliver Matanbuchus Ransomware Payload

A sophisticated cyberattack campaign has emerged targeting organizations through Microsoft Teams impersonation.

GBHackers Security | #1 Globally Trusted Cyber Security News Platform