APT41 Group: 4 Malicious Campaigns, 13 Victims, New Tools and Techniques
Group-IB researchers emphasize that the group usually used certain servers exclusively to host the Cobalt Strike framework, while they exploited others only for active scanning through Acunetix.