Unusual Tools Used in Recent Fog Ransomware Attack

In May 2025, the operators of the Fog ransomware targeted an Asian financial company using unusual pentesting and surveillance tools. According to Symantec researchers, the attackers employed the Syteca surveillance software as well as the GC2, Adaptix, and Stowaway pentesting tools. The use of these tools is considered atypical for this type of attack.