HAMMERTOSS: Stealthy tactics define a Russian cyber threat group

1 min read

It hides in network communications, in all the noise—designed so that defenders can neither detect nor characterize its activity. But its purpose is transparent: to use Twitter, GitHub, and cloud storage services to relay commands and extract data from compromised networks.

Download the report and read about the recently discovered HAMMERTOSS, a malware backdoor created by the Russian advanced persistent threat (APT) group APT29.


  • How HAMMERTOSS works—the five stages, from looking for a Twitter handle to executing commands, including uploading victim’s data to cloud storage services
  • Who APT29 is—their history, targets and methodology
  • Why it’s difficult to detect HAMMERTOSS

Download Now