Malware

Pierluigi Paganini December 07, 2023
New Krasue Linux RAT targets telecom companies in Thailand

A previously undetected Linux RAT dubbed Krasue has been observed targeting telecom companies in Thailand. Group-IB researchers discovered a previously undetected Linux remote access trojan called Krasue has been employed in attacks aimed at telecom companies in Thailand. The Krasue Remote Access Trojan (RAT) has remained undetected since at least 2021 when it was registered on […]

Pierluigi Paganini December 04, 2023
New P2PInfect bot targets routers and IoT devices

Cybersecurity researchers discovered a new variant of the P2PInfect botnet that targets routers and IoT devices. Researchers at Cado Security Labs discovered a new variant of the P2Pinfect botnet that targets routers, IoT devices, and other embedded devices. This variant has been compiled for the Microprocessor without Interlocked Pipelined Stages (MIPS) architecture. The new bot supports updated […]

Pierluigi Paganini December 04, 2023
Malvertising attacks rely on DanaBot Trojan to spread CACTUS Ransomware

Microsoft warns of ongoing malvertising attacks using the DanaBot malware to deploy the CACTUS ransomware. Microsoft uncovered ongoing malvertising attacks using the DanaBot Trojan (Storm-1044) to deploy the CACTUS ransomware. Microsoft the campaign to the ransomware operator Storm-0216 (Twisted Spider, UNC2198). Storm-0216 has historically used Qakbot malware for initial access, but has switched to other […]

Pierluigi Paganini December 04, 2023
LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

The LockBit ransomware attack on the Industrial & Commercial Bank of China demonstrates the weakness of global financial system to cyberattacks. The ransomware breach that crippled U.S. Treasury trading operations at an American subsidiary of Industrial & Commercial Bank of China Ltd. on November 8 has laid bare the vulnerability of the global financial system […]

Pierluigi Paganini December 03, 2023
New Agent Raccoon malware targets the Middle East, Africa and the US

Threat actors are using the Agent Raccoon malware in attacks against organizations in the Middle East, Africa and the U.S. Unit42 researchers uncovered a new backdoor named Agent Raccoon, which is being used in attacks against organizations in the Middle East, Africa, and the U.S. The malware was used in attacks against multiple industries, including […]

Pierluigi Paganini December 01, 2023
Expert warns of Turtle macOS ransomware

The popular cybersecurity researcher Patrick Wardle dissected the new macOS ransomware Turtle used to target Apple devices. The popular cyber security researcher Patrick Wardle published a detailed analysis of the new macOS ransomware Turtle. Wardle pointed out that since Turtle was uploaded on Virus Total, it was labeled as malicious by 24 anti-malware solutions, suggesting […]

Pierluigi Paganini December 01, 2023
Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

The Black Basta ransomware gang infected over 300 victims accumulating ransom payments exceeding $100 million since early 2022. The Black Basta ransomware group has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model.   A joint research by Elliptic and Corvus Insurance revealed that the group accumulated at least […]

Pierluigi Paganini November 30, 2023
Rhysida ransomware group hacked King Edward VII’s Hospital in London

The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London. King Edward VII’s Hospital is a private hospital located on Beaumont Street in the Marylebone district of central London. It is a leading provider of acute and specialist medical care, with a focus on musculoskeletal health, urology, women’s health, and digestive […]

Pierluigi Paganini November 28, 2023
International police operation dismantled a prominent Ukraine-based Ransomware group

An international law enforcement operation dismantled the core of a ransomware group operating from Ukraine. A joint law enforcement operation led by Europol and Eurojust, with the support of the police from seven nations, has arrested in Ukraine the core members of a ransomware group. The police arrested the kingpin along with four other suspects […]

Pierluigi Paganini November 28, 2023
Daixin Team group claimed the hack of North Texas Municipal Water District

The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data. The North Texas Municipal Water District (NTMWD) is a regional water district that provides wholesale water, wastewater treatment, and solid waste services to a group of member cities and customers in North Texas, […]