Cymulate named a Customers' Choice in 2025 Gartner® Peer Insights™
Learn More
New Case Study: Credit Union Boosts Threat Prevention & Detection with Cymulate
Learn More
New Research: Cymulate Research Labs Discovers Token Validation Flaw
Learn More
An Inside Look at the Technology Behind Cymulate
Learn More
Book a Demo
Book a Demo

Bluebottle Attacks The Financial Sector In Africa

January 10, 2023

The Bluebottle threat group, also known as Common Raven and OPERA1ER, targeted the financial sector in French speaking countries in Africa with a range of dual-use tools, commodity malware, and living-of-the-land utilities. The various tools and malicious software were used for discovery, network tunneling, persistence, and defense evasion. The Netwire and Quasar RATs along with Cobalt Strike, GuLoader, Mimikatz, and multiple Microsoft Windows command-line utilities were used to carry out the operation.

Featured Resources

View More Resources
cymulate press release
CUSTOMERS

Credit Union Boosts Threat Prevention & Detection with Cymulate

Learn how a credit union automated live-data exercises to validate exposure, improve threat readiness, and streamline SecOps.

Read Case Study
image
blog

Validating Cloud Threat Detection with Wiz Defend and Cymulate

Cymulate-Wiz integration enables proven cloud threat detection by simulating real attacks and verifying Wiz Defend.

Read More
image
blog

Kerberos Authentication Relay Via CNAME Abuse 

A breakdown of Kerberos authentication relay using CNAME abuse and mitigation considerations.

Read More