APT28 Revives Advanced Malware Toolkit for Cyber-Espionage

APT28 Revives Advanced Malware Toolkit for Cyber-Espionage

First seen 10 Mar 2026, 10:57 UTC Therecord.MediaBleepingcomputerCyberinsiderGovinfosecurityThehackernews+4 81% similarity 65.4

Article Content

Browse articles
ThreatCluster

APT28, a Russian threat actor, has reactivated its malware development team and deployed a modern espionage toolkit that includes a customized version of the Covenant open-source tool. This resurgence indicates a renewed focus on cyber-espionage operations, potentially impacting various organizations targeted by state-sponsored hacking efforts.

ThreatCluster AI

Timeline

2026-03-10
APT28 reactivates malware developers with new toolkit
2026-03-10
Covenant open-source tool variant deployed by APT28

Community

Browse all →