The Russian APT group #Turla has gained access to the C2 server of the Pakistani APT group #Sidecopy + #TransparentTribe (Storm-0156) and used it to attack operators in Afghanistan and Pakistan.
https://www.microsoft.com/en-us/security/blog/2024/12/04/frequent-freeloader-part-i-secret-blizzard-compromising-storm-0156-infrastructure-for-espionage/
IoCs:
https://github.com/blacklotuslabs/IOCs/blob/main/Secret_Blizzard_IoCs.txt
https://t.me/cKure/14986