Hacker group Midnight Blizzard hijacks RDP proxies to launch malware attacks


  • Trend Micro spots an advanced spearphishing campaign aimed at military and government targets
  • It uses nearly 200 RDP proxies to access endpoints
  • The total number of victims is in the hundreds

An advanced persistent threat known as Midnight Blizzard has launched a large-scale spearphishing attack that targeted governments, military organizations and academic researchers in the West.

The group used red team methodologies and anonymization tools while exfiltrating sensitive data from its targets' IT infrastructure, cybersecurity researchers at Trend Micro have revealed.