Related Families: TrickBot, Ryuk, QakBot, Zloader, Quantum, BlackCat
Executive Summary
Zimperium recently reported on RatMilad, spyware targeting Android devices.
Related Families: Jocker
Executive Summary
Kaspersky recently reported on Harly, a trojan subscriber targeting Android devices. Harly can subscribe a victim to a paid service without their knowledge or consent.
Key Takeaways
Related Families: ZetaNile (BlindingCan), EventHorizon
Verticals Targeted: Media, Defense, IT Services, Aerospace
Executive Summary
Microsoft recently reported on North Korean threat actor group Lazarus using living off the land (LOTL) techniques to target multiple verticals. Weaponization of legitimate tools includes SSH clients PuTTY and KiTTY, as well as TightVNC Viewer, Sumatra PDF reader, and muPDF/Subliminal Recording installer.
Related Families: SmokeLoader, RedLine Stealer, PseudoManuscrypt, ColdStealer, FormatLoader, CsdiMonetize, Disbuk, Fabookie, DanaBot, Racealer, Generic.ClipBanker, SgnitLoader, ShortLoader, Downloader.INNO, LgoogLoader, Downloader.Bitser, C-Joker, PrivateLoader, Satacom, GCleaner, Vidar
Verticals Targeted: Multiple
Executive Summary
Kaspersky recently reported on NullMixer, a dropper used to drop a myriad of malware families, including SmokeLoader, RedLine Stealer, PseudoManuscrypt, ColdStealer, FormatLoader, CsdiMonetize, Disbuk, Fabookie, DanaBot, Racealer, Generic.ClipBanker, SgnitLoader, ShortLoader, Downloader.INNO, LgoogLoader, Downloader.Bitser, C-Joker, PrivateLoader, Satacom, GCleaner, and Vidar.
Related Families: Specter RAT, SideWalk (Windows)
Verticals Targeted: Education
Executive Summary
ESET recently reported on a SideWalk Linux variant. SideWalk is a backdoor used by the SparklingGoblin threat actor group.
Executive Summary
Sophos recently reported on Deadbolt ransomware, a malware family targeting QNAP devices. QNAP released an advisory on the affected products.
