At least one Russian government agency or aviation company
September 1, 2025
•[ phishing, malicious advertising, malware ]
HeartlessSoul has targeted Russian government agencies, aerospace firms, aviation companies, and drone operators since at least September 2025 using phishing emails with infected attachments, malicious advertising, fake aviation-software download sites, fake SourceForge projects, and malware disguised as legitimate software. Public reporting indicates the campaign was successful against one or more victims and resulted in the exfiltration of GIS, satellite, GPS, terrain, digital geographic relief, and other proprietary geospatial data.
