Neon is a threat actor that has been implicated in a series of cyber-attacks and malicious activities. This entity's actions have caused significant disruption, particularly in the global chip supply chain. In April, amid an update on the worldwide chip supply chain disruption, it was noted that Neon's output for chips had been halved since Russia's attack on Ukraine. This disruption has led to concerns over component sourcing due to shortages, affecting even prototype designs. The group's activities have also included the production of fake chips, posing a significant threat to national security and critical systems.
The threat actor has demonstrated advanced technical capabilities, including a unique method of generating randomness using noise produced by neon cold-cathode tubes. Additionally, Neon has developed malware that actively searches for data files related to 17 different types of wallets, including Atomic, Guarda, SimplEOS, and NEON. The malware also targets files matching wildcard filenames based on the word "wallet," as well as OpenVPN and Remote Desktop Protocol credentials. This level of sophistication suggests a high degree of technical expertise and a broad range of targets.
Despite the seriousness of Neon's activities, the cybersecurity community's understanding of this threat actor remains somewhat esoteric. The lack of standard naming conventions within the industry can make tracking and understanding these groups more challenging. However, it's clear that Neon represents a significant threat to both the technology industry and the broader cybersecurity landscape. As such, ongoing monitoring and defensive measures against this group are crucial.
Description last updated: 2024-08-14T14:15:29.655Z