Russian cyber research companies post alerts about infostealer, industrial threats therecord.media/russia-cy…

Russian cybersecurity companies released multiple research reports about specific threats over the last week, including one about a “large-scale” information-stealing campaign targeting local organizations with Nova malware. According to a report released late last week by Moscow-based cybersecurity firm BI.ZONE, Nova is a commercial stealer sold on dark web marketplaces by unknown cybercriminals as a service. The malware’s pricing starts at $50 for a monthly license and goes up to $630 for a lifetime license.

Nova is a fork of SnakeLogger, another popular stealer and one of the most common malware variants among cybercriminals, according to previous reports. The BI.ZONE report arrives as Russian entities have been the target of several hacking campaigns in recent months, many believed to be politically motivated and orchestrated by state-sponsored hackers. The ongoing war in Ukraine and sweeping sanctions against Moscow have led most Western cybersecurity companies to withdraw from the Russian market, leaving significant gaps in visibility into the country’s cyberthreat landscape.

As a result, reports of attacks on Russian organizations primarily originate from local tech firms, often lacking the independent verification and detailed analysis typically provided by international cybersecurity researchers.