Russian-Speaking Cyberespionage Group Nebulous Mantis Deploys RomCom RAT

The Russian-speaking cyberespionnage group Nebulous Mantis has deployed a remote access Trojan called RomCom RAT since mid-2022. RomCom uses advanced evasion techniques, including living-off-the-land (LOTL) tactics and encrypted command and control (C2) communications, while constantly evolving its infrastructure. NATO-linked entities are targeted by these multi-stage attacks.