New APT Report details surge in Russian, Chinese, and North Korean operations; ZEROLOT wiper targets Ukrainian energy infrastructure
ESET has released its latest Advanced Persistent Threat (APT) Activity Report, uncovering a significant escalation in Russia-aligned cyberattacks on Ukraine and EU nations. Most notably, Sandworm deployed a newly identified destructive wiper named ZEROLOT against Ukrainian energy firms, using Active Directory Group Policy to propagate the malware. The report, covering October 2024 to March 2025, reveals increased aggressiveness from APT groups aligned with Russia, China, North Korea, and Iran.
“As cyber conflict escalates, real-time intelligence is the key to resilience.” – Richard Marko, CEO, ESET
