Armored Likho conducts phishing campaign with BusySnake Stealer
campaignopenJul 3, 2026 — Jul 3, 2026
Armored Likho, a newly identified threat actor, has been distributing the BusySnake Stealer malware through targeted phishing emails aimed at government agencies and electric power companies in the United Kingdom, with additional activity observed in Russia, Brazil and Kazakhstan. The campaign seeks to harvest credentials and sensitive data from compromised systems, and security researchers warn that the activity remains active.
CyberSIXT is compiling the full intelligence briefing for this incident — gathering sources and cross-checking coverage. Check back in a few minutes.
Timeline Coverage
Swipe to explore timeline
-
BusySnake Stealer Aims at UK Govt, Power Sector, Experts Warn
thehackernews.com
-
Armored Likho deploys BusySnake Stealer via phishing emails
securelist.com