QuoIntelligence’s Weekly Intelligence Snapshot for the week of 20 – 26 May is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!


Threat Actor
Industry impacted: Financials

  • Researchers at ClearSky detailed their attribution of the North Korea-linked Lazarus Group to a campaign dubbed as CryptoCore. The campaign targets cryptocurrency exchanges in various locations globally, which most recently included Israel. According to ClearSky, the campaign was active since at least 2018 and resulted in the theft of several hundred million dollars of cryptocurrencies.

Industry impacted: Government, Information Technology

  • New Java-Based STRRAT Malware Fakes As Ransomware And Will Soon Run Without JRE
  • Agrius: The Evolution of A New Threat Actor
  • Bose Confirms Ransomware Attack, Employee Data Potentially Accessed



Industry impacted: Government, Industrials

  • The Belarusian government allegedly forced a Ryanair plane to land in Minsk in order to arrest the journalist and activist Roman Protasevich. As Russia allegedly backed Belarus’ actions and has in the past helped Belarus to divert sanctions, EU and US relations with Russia could further deteriorate. Russia’s support to Belarus after the incident could impact the international security landscape as well as cyberspace.

Industry impacted: Government

  • US to Send Aid to Gaza, Pledges to Reopen Jerusalem Consulate
  • Switzerland Declines to Sign Draft Swiss-EU Economic Agreement
  • Germany’s Competition Regulator Opens Proceedings Against Google