When I saw the attack vector for the first time, I realized that it is an excellent case to demonstrate the potential of the ATLAS. So, after finishing the analysis and the ATLAS rule, I've decided to write a blog post with a detailed explanation of creating the ATLAS rule.
Albert Lamorisse invented Risk game in 1957. According to Wikipedia,
Risk is a strategy board game of diplomacy, conflict and conquest for two to six players. The standard version is played on a board depicting a political map of Earth, divided into forty-two territories, which are grouped into six continents. Turn rotates among players who control armies of playing pieces with which they attempt to capture territories from other players, with results determined by dice rolls. Players may form and dissolve alliances during the course of the game. The goal of the game is to occupy every territory on the board and in doing so, eliminate the other players.
Agent.Tesla is a piece of malware that is active since 2014. According to an article that is published on 'krebsonsecurity.com', access right is acquired by paying subscription fee via bitcoin and by the time of the article, it had more than 6,300 customers. 7/24 technical support via Discord channel is also included.
The tag "Late Night Show" because, the attack origins at the end of 2018 and apparently the Show is very late.
The group, also known as FancyBear, Sofacy Group, Sednit..., starts its activity in the mid-2000s. They target government, military and security organizations especially NATO-aligned states.
APT28 is a threat group that has been attributed to Russia's Main Intelligence Directorate of the Russian General Staff by a July 2018 U.S. Department of Justice indictment. This group reportedly compromised the Hillary Clinton campaign, the Democratic National Committee, and the Democratic Congressional Campaign Committee in 2016 in an attempt to interfere with the U.S. presidential election.