Curly COMrades cyberspies hit govt orgs with custom malware www.bleepingcomputer.com/news/secu…
A new cyber-espionage threat group has been using a new backdoor malware that provides persistent access through a seemingly inactive scheduled task.
The threat actor’s operations appear to support Russian interests by targeting government and judicial bodies in Georgia, and energy firms in Moldova.
The attacker is currently tracked as Curly COMrades and has been active since mid-2024, using a custom three-stage malware component that researchers call MucorAgent.