Armored Likho APT links modular RATs and info-stealers to power and gov targets
Source headline: Armored Likho APT Targeting Government, Electric Power Entities
Intelligence Summary
Armored Likho is an APT activity tied to both financially motivated theft and cyber espionage. The campaign targets government and electric power organizations. It uses modular remote access trojans (RATs) alongside information-stealing components. This design can support flexible capabilities as the operation evolves. The focus on critical sectors increases the risk of service disruption and sensitive-data exposure. Organizations in government and energy should review for RAT and stealer indicators and tighten detection and response for related intrusions.
Recommended Action
Review affected assets, schedule urgent remediation, and monitor related indicators.