#infosec

Using access obtained by MERCURY🇮🇷, DEV-1084 was able to carry out a destructive attack including deployment of DarkBit ransomware and deletion of cloud resources. Rare to see reporting about an actor operating across on-premises and cloud.

Read the MSFT Threat Intelligence post about this incident here 👇🏾

https://www.microsoft.com/en-us/security/blog/2023/04/07/mercury-and-dev-1084-destructive-attack-on-hybrid-environment/

MERCURY and DEV-1084: Destructive attack on hybrid environment - Microsoft Security Blog

Microsoft detected a unique operation where threat actors carried out destructive actions in both on-premises and cloud environments.