Armenian entities have been targeted by a cyber attack using an updated version of the OxtaRAT backdoor that can allow for remote access and desktop surveillance, according to Check Point Research. The campaign began in November 2022 and marks the first time the threat actors behind the activity have extended their focus beyond Azerbaijan, targeting human rights organizations, dissidents, and independent media.
OxtaRAT can now be used for active reconnaissance of other devices, suggesting that the attackers may be moving from targeting individuals to targeting more complex or corporate environments.
