Find notable cyber news and cases, enriched with sources, timelines, and signals.

FamousSparrow Azerbaijanian oil-and-gas targeting campaign

Campaign
First reported
Last updated
Happening score
H score 32
1 unique sources, 1 articles

Summary

Hide ▲

The China-linked FamousSparrow group ran a targeted cyberespionage campaign against an Azerbaijanian oil-and-gas company in the South Caucasus, highlighting a new regional industry focus. The operation lasted from late December through the end of February, showing sustained activity rather than a one-off intrusion. The attackers used DLL sideloading and remote access tools to evade defenses, while the victim's OT networks were not affected.

Related Happenings

Operation Endgame takedown of Amadey and StealC infrastructure

Law Enforcement
H score66 First: 24.06.2026 18:02 Last: 24.06.2026 18:02 Sources 1

About this happening: An **international law-enforcement takedown** under **Operation Endgame** disrupted shared infrastructure used by **Amadey** and **StealC**, with **Microsoft**, **Europol**, and i...

FamousSparrow multi-wave intrusion campaign against Azerbaijani oil and gas company

Campaign
H score39 First: 13.05.2026 16:00 Last: 13.05.2026 16:00 Sources 1

About this happening: A **China-affiliated** actor tracked as **FamousSparrow (UAT-9244)** ran a **multi-wave intrusion** against an **unnamed Azerbaijani oil and gas company** from **late December 202...

Deed RAT and TernDoor multi-wave deployment

Malware Activity
H score31 First: 13.05.2026 16:00 Last: 13.05.2026 16:00 Sources 1

About this happening: A **multi-wave malware deployment** delivered **Deed RAT (Snappybee)** and **TernDoor** into an **Azerbaijani oil and gas company** across **three waves**, creating repeated footh...

SHADOW-EARTH-053 China-aligned espionage campaign against Asian government and defense targets

Campaign
H score39 First: 01.05.2026 17:02 Last: 01.05.2026 17:02 Sources 1

About this happening: **SHADOW-EARTH-053** is running an active **China-aligned espionage campaign** against **government and defense** targets across **South, East, and Southeast Asia** and **Poland**...

APT28 Windows Shell LNK campaign targeting Ukraine and E.U. nations

Campaign
H score39 First: 28.04.2026 08:50 Last: 28.04.2026 08:50 Sources 1

About this happening: A **December 2025** **APT28** campaign targeted **Ukraine** and **E.U. nations** with a **malicious Windows Shortcut (LNK)** chain that bypassed **Microsoft Defender SmartScreen**...

Timeline

  1. 13.05.2026 16:00 2 articles · 1mo ago

    BitDefender discloses FamousSparrow targeting of an Azerbaijanian oil-and-gas company

    Initial Disclosure

    BitDefender disclosed that the China-linked FamousSparrow group targeted an Azerbaijanian oil-and-gas company in the South Caucasus, using DLL sideloading to evade defenses, stage payloads, and install remote access tools with Deed RAT modifications; the victim detected activity on specific workstations and cleaned them, but a vulnerable Microsoft Exchange server remained unpatched and enabled two subsequent attacks, and OT networks were not affected.

    Show sources