Ghostynetworks is a apt_group tracked across 1 threat cluster and 1 intelligence report mention on ThreatCluster. First observed May 28, 2026; most recent activity May 28, 2026.
In March 2026, hackers exploited GHOSTYNETWORKS and OMEGATECH to deploy a JavaScript backdoor via malspam targeting various sectors, including energy and finance. The operation involved sending malicious emails with ZIP…