PhantomControl

MISP

Tipo:
Unknown

Paese:
Unknown

Prima attivita:
Unknown

Dettagli:

PhantomControl is a sophisticated threat actor that emerged in November 2023. They utilize phishing emails as their initial infection vector and employ a ScreenConnect client to establish a connection for their malicious activities. Their arsenal includes a VBS script that hides its true intentions and reveals a complex mechanism involving PowerShell scripts and image-based data retrieval. PhantomControl has been associated with the Blind Eagle threat actors, showcasing their versatility and reach.

Riferimenti (3)

esentire.com - Phantomcontrol Returns With Ande Loader And Swaetrat
esentire.com - Operation Phantomcontrol
securityonline.info - Esentire Vs Phantom Unveiling The Cyber Spooks Dance Of Darkness

Metadata

ID:	563
Created:	13/01/2026 17:48
Updated:	08/03/2026 04:00