An unknown threat actor has been linked to a cyber attack on a power generation company in southern Africa with a new variant of the SystemBC malware called DroxiDat as a precursor to a suspected ransomware attack.
“The proxy-capable backdoor was deployed alongside Cobalt Strike Beacons in a south African nation’s critical infrastructure,” Kurt Baumgartner, principal security researcher at
“The proxy-capable backdoor was deployed alongside Cobalt Strike Beacons in a south African nation’s critical infrastructure,” Kurt Baumgartner, principal security researcher at