{"id":36604,"date":"2020-08-14T16:02:17","date_gmt":"2020-08-14T16:02:17","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31490\/CactusPete-Hackers-Go-On-European-Rampage-With-Bisonal.html"},"modified":"2020-08-14T16:02:17","modified_gmt":"2020-08-14T16:02:17","slug":"cactuspete-hackers-go-on-european-rampage-with-bisonal","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/cactuspete-hackers-go-on-european-rampage-with-bisonal\/","title":{"rendered":"CactusPete Hackers Go On European Rampage With Bisonal"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/zdnet2.cbsistatic.com\/hub\/i\/r\/2020\/08\/14\/b4c236ad-1f98-4180-808c-3671829d889f\/thumbnail\/770x578\/cc363c5a7b64c8f95653db26a88f3a1c\/screenshot-2020-08-14-at-08-55-21.png\" class=\"ff-og-image-inserted\"><\/div>\n<p>An advanced persistent threat (APT) group has evolved the Bisonal new backdoor for use in attacks against financial and military organizations across Europe.&nbsp;<\/p>\n<p>First spotted in 2013, the CactusPete APT &#8212; also tracked as Karma Panda &#8212; has been linked to cybercriminal campaigns across Europe, Russia, Japan, and South Korea.&nbsp;<\/p>\n<p><strong>See also:&nbsp;<\/strong><a href=\"https:\/\/www.zdnet.com\/article\/black-hat-healthcare-senior-living-temi-robots-can-be-hijacked-remotely-by-hackers\/\" target=\"_blank\" rel=\"noopener noreferrer\">Black Hat: Hackers can remotely hijack enterprise, healthcare Temi robots<\/a> <\/p>\n<p>Cisco Talos researchers say that the group, named internally as Tonto Team, is likely a state-sponsored APT belonging to the Chinese military focused on intelligence-gathering and espionage.&nbsp; <\/p>\n<p>Kasperksy Labs researchers are of the same opinion when it comes to spying activities. Adding that CactusPete has also been known to strike diplomatic and infrastructure organizations, the team says that the group appears to be after &#8220;very sensitive&#8221; information.&nbsp; <\/p>\n<p>On Thursday, Kasperksy <a href=\"https:\/\/securelist.com\/cactuspete-apt-groups-updated-bisonal-backdoor\/97962\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">published an update<\/a> on the APT&#8217;s activities. A new campaign focused on military and financial groups across Eastern Europe is taking place, together with the use of a new Bisonal backdoor variant.&nbsp; <\/p>\n<p>Back in March, Talos documented one of the <a href=\"https:\/\/www.zdnet.com\/article\/chinese-hackers-use-decade-old-bisonal-trojan-to-strike-russian-targets\/\" target=\"_blank\" rel=\"noopener noreferrer\">latest strains<\/a> of the Bisonal Trojan in use, an interesting element of the APT&#8217;s toolset considering the age of the malware.&nbsp; <\/p>\n<section class=\"sharethrough-top\" data-component=\"medusaContentRecommendation\" data-medusa-content-recommendation-options=\"{&quot;promo&quot;:&quot;promo_zd_recommendation_sharethrough_top_in_article_desktop&quot;,&quot;spot&quot;:&quot;dfp-in-article&quot;}\"> <\/section>\n<p>Bisonal has been in active development for over a decade. The Trojan uses dynamic DNS to communicate with a command-and-control (C2) server, has continually improving obfuscation modules, and in the latest versions, also includes XOR encoding and support for proxy servers, among other features.&nbsp; <\/p>\n<p>As a cyberespionage tool, the backdoor is capable of maintaining persistence on an infected machine, scanning drives, listing and exfiltrating files of interest, deleting content, killing system processes, and executing code, such as the launch of programs and remote shells.&nbsp; <\/p>\n<p><strong>CNET:&nbsp;<\/strong><a href=\"https:\/\/www.cnet.com\/news\/facebook-google-twitter-team-up-on-election-security-ahead-of-rnc-and-dnc\/?ftag=CMG-01-10aaa1b\" target=\"_blank\" rel=\"noopener noreferrer\" data-component=\"externalLink\">Facebook, Google, Twitter team up on election security ahead of RNC and DNC<\/a> <\/p>\n<p>According to Kasperksy, research began with only one sample of the new malware in February, and since then, over 20 new samples per month of the latest Bisonal variant are appearing. &nbsp; <\/p>\n<p>A recent tweak is the use of hardcoded Cyrillic code during string manipulations and campaigns at large, due to the languages used by intended targets across Eastern Europe.&nbsp; <\/p>\n<p>&#8220;This is important, for example, during remote shell functionality, to correctly handle the Cyrillic output from executed commands,&#8221; the researchers note.&nbsp; <\/p>\n<p><strong>TechRepublic:&nbsp;<\/strong><a href=\"https:\/\/www.techrepublic.com\/article\/zero-trust-is-critical-but-very-underused\/?ftag=CMG-01-10aaa1b\" target=\"_blank\" rel=\"noopener noreferrer\" data-component=\"externalLink\">Zero trust is critical, but very underused<\/a> <\/p>\n<p>Bisonal is also used in tandem with keyloggers and custom versions of Mimikatz for data exfiltration and the theft of user credentials.&nbsp; <\/p>\n<p>Past campaigns use phishing methods, such as seemingly-legitimate emails with malicious attachments, to compromise a victim&#8217;s machine. Kaspersky says that the initial attack vector for the European campaign is unknown, but spear-phishing is likely to be the case, given CactusPete&#8217;s previous escapades.&nbsp; <\/p>\n<p>Kaspersky also noted that while CactusPete is not as sophisticated as many other APTs, it is possible that the cyberattackers have recently been bolstered with new support and resources due to the deployment of more complex code and tools, including <a href=\"https:\/\/securelist.com\/shadowpad-in-corporate-networks\/81432\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">ShadowPad<\/a> server software, throughout 2020.&nbsp; <\/p>\n<h3> Previous and related coverage <\/h3>\n<hr>\n<p><strong>Have a tip?<\/strong> Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0<\/p>\n<hr>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/31490\/CactusPete-Hackers-Go-On-European-Rampage-With-Bisonal.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":36605,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[8860],"class_list":["post-36604","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinehackergovernmentmalwaretrojancyberwarbackdoor"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CactusPete Hackers Go On European Rampage With Bisonal 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/cactuspete-hackers-go-on-european-rampage-with-bisonal\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CactusPete Hackers Go On European Rampage With Bisonal 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/cactuspete-hackers-go-on-european-rampage-with-bisonal\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-08-14T16:02:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/cactuspete-hackers-go-on-european-rampage-with-bisonal.png\" \/>\n\t<meta property=\"og:image:width\" content=\"770\" \/>\n\t<meta property=\"og:image:height\" content=\"578\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cactuspete-hackers-go-on-european-rampage-with-bisonal\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cactuspete-hackers-go-on-european-rampage-with-bisonal\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"CactusPete Hackers Go On European Rampage With Bisonal\",\"datePublished\":\"2020-08-14T16:02:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cactuspete-hackers-go-on-european-rampage-with-bisonal\\\/\"},\"wordCount\":537,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cactuspete-hackers-go-on-european-rampage-with-bisonal\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/cactuspete-hackers-go-on-european-rampage-with-bisonal.png\",\"keywords\":[\"headline,hacker,government,malware,trojan,cyberwar,backdoor\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cactuspete-hackers-go-on-european-rampage-with-bisonal\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cactuspete-hackers-go-on-european-rampage-with-bisonal\\\/\",\"name\":\"CactusPete Hackers Go On European Rampage With Bisonal 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cactuspete-hackers-go-on-european-rampage-with-bisonal\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cactuspete-hackers-go-on-european-rampage-with-bisonal\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/cactuspete-hackers-go-on-european-rampage-with-bisonal.png\",\"datePublished\":\"2020-08-14T16:02:17+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cactuspete-hackers-go-on-european-rampage-with-bisonal\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cactuspete-hackers-go-on-european-rampage-with-bisonal\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cactuspete-hackers-go-on-european-rampage-with-bisonal\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/cactuspete-hackers-go-on-european-rampage-with-bisonal.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/cactuspete-hackers-go-on-european-rampage-with-bisonal.png\",\"width\":770,\"height\":578},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cactuspete-hackers-go-on-european-rampage-with-bisonal\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,government,malware,trojan,cyberwar,backdoor\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackergovernmentmalwaretrojancyberwarbackdoor\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"CactusPete Hackers Go On European Rampage With Bisonal\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CactusPete Hackers Go On European Rampage With Bisonal 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/cactuspete-hackers-go-on-european-rampage-with-bisonal\/","og_locale":"en_US","og_type":"article","og_title":"CactusPete Hackers Go On European Rampage With Bisonal 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/cactuspete-hackers-go-on-european-rampage-with-bisonal\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-08-14T16:02:17+00:00","og_image":[{"width":770,"height":578,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/cactuspete-hackers-go-on-european-rampage-with-bisonal.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/cactuspete-hackers-go-on-european-rampage-with-bisonal\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/cactuspete-hackers-go-on-european-rampage-with-bisonal\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"CactusPete Hackers Go On European Rampage With Bisonal","datePublished":"2020-08-14T16:02:17+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/cactuspete-hackers-go-on-european-rampage-with-bisonal\/"},"wordCount":537,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/cactuspete-hackers-go-on-european-rampage-with-bisonal\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/cactuspete-hackers-go-on-european-rampage-with-bisonal.png","keywords":["headline,hacker,government,malware,trojan,cyberwar,backdoor"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/cactuspete-hackers-go-on-european-rampage-with-bisonal\/","url":"https:\/\/www.threatshub.org\/blog\/cactuspete-hackers-go-on-european-rampage-with-bisonal\/","name":"CactusPete Hackers Go On European Rampage With Bisonal 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/cactuspete-hackers-go-on-european-rampage-with-bisonal\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/cactuspete-hackers-go-on-european-rampage-with-bisonal\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/cactuspete-hackers-go-on-european-rampage-with-bisonal.png","datePublished":"2020-08-14T16:02:17+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/cactuspete-hackers-go-on-european-rampage-with-bisonal\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/cactuspete-hackers-go-on-european-rampage-with-bisonal\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/cactuspete-hackers-go-on-european-rampage-with-bisonal\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/cactuspete-hackers-go-on-european-rampage-with-bisonal.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/cactuspete-hackers-go-on-european-rampage-with-bisonal.png","width":770,"height":578},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/cactuspete-hackers-go-on-european-rampage-with-bisonal\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,government,malware,trojan,cyberwar,backdoor","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackergovernmentmalwaretrojancyberwarbackdoor\/"},{"@type":"ListItem","position":3,"name":"CactusPete Hackers Go On European Rampage With Bisonal"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36604","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=36604"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36604\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/36605"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=36604"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=36604"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=36604"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}