Related Families: Xorist, Laplas Clipper
Executive Summary
Cisco Talos recently reported on threat actor activity leveraging MortalKombat ransomware and Laplas Clipper. MortalKombat encrypts files on the infected machine and drops a ransom note instructing victims on how to pay the ransom to recover their files.
Key Takeaways
Related Malware: Babuk
Verticals Targeted: Multiple
Executive Summary
Industry researchers recently reported on ESXiArgs ransomware, which targeted VMware ESXi servers around the globe. After CISA released a recovery script, the threat actors behind ESXiArgs distributed a new variant of the ransomware.
Key Takeaways
Verticals Targeted: Chemical
Executive Summary
A recent hacking campaign targeted Israeli chemical sector companies operating in the occupied territories. The threat actor group Electronic Quds Force is responsible for the campaign. This threat bulletin is provided for situational awareness.
Key Takeaways
Related Families: Bumblebee, IcedId
Verticals Targeted: Financial
Executive Summary
BlackBerry recently reported on Emotet’s new TTPs, including new email lures, IcedID, and Bumblebee as secondary payloads and evasion methods.
Related Families: Conti
Executive Summary
Trend Micro recently reported on Mimic ransomware, a ransomware family that abuses Everything APIs.
Key Takeaways
Related Families: Wroba.o, Xloader
Executive Summary
Kaspersky SecureList recently reported on a Roaming Mantis campaign using Wroba.o with DNS hijacking to infect routers and Android devices.
Key Takeaways
Related Families: Ermac
Verticals Targeted: Financial
Executive Summary
Threat Fabric recently reported on Hook, an Android banking trojan that is a fork of Ermac.
