<— Back

No impregnable fortress: how Team46 carries out successful attacks on Russian companies

In my presentation, I will talk about how we discovered the advanced Team46 group, which carries out successful attacks on Russian companies. The group uses a wide range of techniques to gain initial access, from classic phishing to one-click exploit chains for Google Chrome (CVE-2025-2783). The group uses exploits not only to penetrate the network, but also to maintain persistence, for example, through the CVE-2024-6473 vulnerability for Yandex Browser. In addition to using well-known tools such as CobaltStrike and Donut, Team46 creates and actively develops its own tools, such as the Dante and Trinper backdoors, and also has an extensive/complex of network infrastructure.

Vladislav Lunin – Positive Technologies

Vladislav Lunin, Senior Threat Intelligence Specialist of the Positive Technologies Expert Security Center Sophisticated Threat Research Group

Previously, worked at Dr.Web as a virus analyst.
Speaker at relevant conferences – OFFZONE, PHDays.

I am also a former “CTF” player, an active “Flare-On” player, and a contributor to “XAKEP” Journal.