Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload

Pulse ID: 6a1ff42b19d105602717c1ec
Pulse Link: https://otx.alienvault.com/pulse/6a1ff42b19d105602717c1ec
Pulse Author: Tr1sa111
Created: 2026-06-03 09:30:19

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Cloud #CloudAtlas #CyberSecurity #InfoSec #OTX #OpenThreatExchange #bot #Tr1sa111

Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload

Cloud Atlas APT group targeted government organizations and commercial companies in Russia and Belarus during late 2025 and early 2026, employing phishing campaigns with malicious ZIP archives containing LNK shortcuts. The attackers deployed multiple backdoors including VBCloud for file theft and PowerShower for network reconnaissance. New tools identified include PowerCloud, which exfiltrates data to Google Sheets, and browser checker utilities. The group established persistence through reverse SSH tunnels, patched OpenSSH binaries, ReverseSocks, and Tor networking. Initial infection vectors included malicious shortcuts executing PowerShell scripts and exploiting CVE-2018-0802 in Microsoft Office. The attackers performed credential theft, RDP manipulation via termsrv.dll patching, and lateral movement across networks while maintaining multiple backup control channels.

Pulse ID: 6a105530af26afbd3752ab81
Pulse Link: https://otx.alienvault.com/pulse/6a105530af26afbd3752ab81
Pulse Author: AlienVault
Created: 2026-05-22 13:08:00

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #Belarus #Browser #Cloud #CloudAtlas #CyberSecurity #Google #Government #InfoSec #LNK #Microsoft #MicrosoftOffice #OTX #Office #OpenThreatExchange #Phishing #PowerShell #RAT #RDP #Russia #SSH #ZIP #bot #AlienVault

Cloud Atlas Expands Arsenal with New Tools, Payloads

Cloud Atlas is beefing up its toolkit with fresh tools and payloads, including a blast from the past - the notorious CVE-2018-0802 Microsoft Office Equation Editor vulnerability. The group is also reviving its use of ZIP archives with malicious LNK shortcuts that trigger PowerShell scripts, keeping security experts on high alert.

https://osintsights.com/cloud-atlas-expands-arsenal-with-new-tools-payloads?utm_source=mastodon&utm_medium=social

#CloudAtlas #Cve20180802 #MicrosoftOffice #Powershell #LnkShortcut

"No matter what you do it will never amount to anything more than a single cock in a limitless orgy!"

"What is an orgy, but a multitude of cocks?"

- Cloud Atlas

(...if Cloud Atlas was erotica.)

#CloudAtlas #erotica #orgy #cock

𝐀ctrice 𝐝𝐮 𝐉our

𝐇𝐚𝐥𝐥𝐞 𝐁𝐞𝐫𝐫𝐲
Actrice Productrice Réalisatrice Américaine

#halleberry c'est plus de 40 Films

#actricedujour #actress #actrice #cinegenres #classic
#cinema #film #movie #TheLastBoyScout #bulworth
#MonstersBall #xmen #FrankieAndAlice #Gothika
#nossouvenirsbrûlés #cloudatlas #TheCall #Kidnap #Kings
#johnwick #Kingsman #bruised #TheUnion #motherland #Crime101

Filmographie 𝐇𝐚𝐥𝐥𝐞 𝐁𝐞𝐫𝐫𝐲
https://www.youtube.com/watch?v=0PPt1jvUZnM

On this #TransDayOfVisibility, I'd like to say, in addition my trans friends and colleagues (you know who you are) that the #WachowskiSisters have never made a movie I wouldn't watch with a smile on my face.

Feel free to join in the #Wachowski love, below. If you're rude I'll enjoy blocking you.

#JupiterAscending #SpeedRacer #TheMatrix #CloudAtlas #Sense8 #SenseEight

25 Modern Classics That’ll Actually Wreck You (In the Best Way)

https://findsbydavidblog.wordpress.com/2026/03/30/25-modern-classics-thatll-actually-wreck-you-in-the-best-way/