New ‘Curly COMrades’ APT Using NGEN COM Hijacking in Georgia, Moldova Attacks,
A previously undocumented threat actor dubbed Curly COMrades has been observed targeting entities in Georgia and Moldova as part of a cyber espionage campaign designed to facilitate long-term access to target networks.
« They repeatedly tried to extract the NTDS database from domain controllers — the primary repository for user password hashes and authentication data in a Windows network, »
« They repeatedly tried to extract the NTDS database from domain controllers — the primary repository for user password hashes and authentication data in a Windows network, »
,
A previously undocumented threat actor dubbed Curly COMrades has been observed targeting entities in Georgia and Moldova as part of a cyber espionage campaign designed to facilitate long-term access to target networks.
« They repeatedly tried to extract the NTDS database from domain controllers — the primary repository for user password hashes and authentication data in a Windows network, »
« They repeatedly tried to extract the NTDS database from domain controllers — the primary repository for user password hashes and authentication data in a Windows network, »
, ,
https://thehackernews.com/2025/08/new-curly-comrades-apt-using-ngen-com.html