An unknown threat actor has been linked to a cyber attack on a power generation company in South Africa with a new variant of the SystemBC malware called DroxiDat as a precursor to a suspected ransomware attack.
“The proxy-capable backdoor was deployed alongside Cobalt Strike Beacons in a South African nation’s critical infrastructure,” Kurt Baumgartner, principal security researcher at