A not so Fancy game. Exploring the new “SkinnyBoy” Bear’s backdoor
By
Cluster25 Threat Intel Team
June 3, 2021
This paper presents an analysis of a new and never publicly reported malware internally dubbed as SkinnyBoy.
Based on long-term observations and technical evidences, Cluster25 cyber intelligence research team associates this implant, with medium-high degree of confidence, with the threat actor known as APT28 / Fancy Bear / Pawn Storm.