Close

Get in Touch

Contact us to learn more about our elite cybersecurity services and industry-leading technologies.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Close
Breachquest

Emergency Incident Assistance

Is your network under attack? Get in touch with a
BreachQuest Specialist right away with this form.

You can also reach us by calling our 24/7 hotline.

+1 888 409 5811

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

You can also reach us by calling our 24/7 hotline.

+1 888 409 5811

KaraKurt

A threat actor that primarily uses VPN credentials to gain initial access to a victim’s network, either by sourcing them from sellers or phishing them themselves. The persistence is established by dropping the widely abused Cobalt Strike remote access tool, although, in recent attacks, they have switched to using the AnyDesk remote access tool. Next, the actor steals additional credentials belonging to administrators by employing and using them for admin privilege escalation.

Go Back Go to Glossary index
Share this article:

Sign up for our newsletter to get more industry news and insights.

Related Resources

Karakurt' Extortion threat emerges, but says no to Ransomware

Learn more