AcidRain Wiper
Apr 7, 2022 3:31:14 PM / by PolySwarm Tech Team posted in Threat Bulletin, Wiper, AcidRain, Viasat
Background
SentinelOne recently published research on AcidRain, a wiper malware used in an attack on Viasat KA-SAT in Ukraine.
What is AcidRain Wiper?
Serpent Backdoor
Apr 1, 2022 1:19:34 PM / by PolySwarm Tech Team posted in Threat Bulletin, Serpent, Chocolatey, Backdoor, Python
Background
Proofpoint recently published research on Serpent, a newly discovered backdoor malware. Proofpoint observed the malware targeting the construction, real estate, and government verticals in France.
BlackCat Ransomware
Mar 31, 2022 2:57:30 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, BlackMatter, LockBit, BlackCat, ALPHV, DarkSide
Background
In our PolySwarm 2021 Year in Review, we made several predictions for this year, including that BlackCat ransomware would become more prevalent, due to its sophistication. BlackCat ransomware is ransomware as a service (RaaS), which was recently linked to the
Surtr Ransomware
Mar 25, 2022 1:45:09 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, Surtr, REvil, Sodinokibi
Background
Arete recently reported on Surtr ransomware, a RaaS. A recently discovered Surtr sample paid tribute to the REvil/Sodinokibi ransomware gang.
Nokoyawa Ransomware
Mar 24, 2022 2:13:03 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, Hive, Nokoyawa
Background
Trend Micro recently reported on Nokoyawa, a ransomware family they discovered earlier this month. They stated Nokoyawa seems to have a connection with Hive ransomware, based on similarities in the attack chains of the two malware families.
CaddyWiper
Mar 21, 2022 1:45:31 PM / by PolySwarm Tech Team posted in Ukraine, Threat Bulletin, Wiper, CaddyWiper
Background
Since January, Ukraine has been targeted by several wiper malware families. In early February, we reported on the WhisperGate wiper. Earlier this month we spotlighted HermeticWiper and IsaacWiper. Ukraine was recently under attack by yet another wiper malware. ESET announced the discovery of CaddyWiper on March 14th in a tweet. Cisco Talos followed up a day later with more information on this malware.
AvosLocker Ransomware
Mar 18, 2022 1:31:01 PM / by PolySwarm Tech Team posted in Threat Bulletin, Windows, AvosLocker, Linux
Background
Qualys recently published a blog post on AvosLocker ransomware, which targets both Windows and Linux operating systems.
Muddy Water Uses SloughRAT in Recent Campaigns
Mar 17, 2022 1:21:56 PM / by PolySwarm Tech Team posted in Threat Bulletin, Espionage, Iran, Muddy Water, Static Kitten, SloughRAT, Canopy
Background
Iranian threat actor group Muddy Water has been very active in the last few months. In February, CISA issued an alert warning that the group was conducting a campaign targeting global government and commercial networks. Earlier this month, Cisco’s Talos Intelligence published a blog post on Muddy Water activity targeting Turkey and other countries.