Related Families: Atomic Stealer
Verticals Targeted: Software Development
Executive Summary
An ongoing social engineering campaign was observed targeting software developers. The threat actors use fake interviews to deliver a Python-based RAT, known as DevPopper.
Related Families: NewsTerminal, OfficeFuel, FuelDump, Gorble
Verticals Targeted: Government, Military, Education, Aerospace
Executive Summary
Iran nexus threat actor group APT42 was recently observed targeting entities in the US and Israel in a phishing campaign. Targets included entities in the government, military, education, and aerospace verticals, as well as individuals associated with the 2024 US Presidential candidates.
Related Families: Rhysida, INC
Verticals Targeted: Healthcare
Executive Summary
Since late July, at least two ransomware groups have allegedly targeted healthcare vertical entities. The attacks were attributed to INC and Rhysida ransomware groups.
Verticals Targeted: Critical Infrastructure, Healthcare, Government, Manufacturing
Executive Summary
BlackSuit is a ransomware family that targets both Windows and Linux systems. A recent joint advisory published by CISA and the FBI confirmed BlackSuit is a rebrand of Royal. The advisory also highlighted new BlackSuit ransomware activity.
Verticals Targeted: Government
Executive Summary
BitSloth is a recently discovered Windows backdoor that uses a built-in feature called Background Intelligent Transfer Service (BITS) for C2.
Executive Summary
A new version of Mandrake Android spyware was observed being distributed by multiple Android APKs on the Google Play store earlier this year.
Related Families: Dtrack, Dora RAT, TigerRAT, SmallTiger, LightHand, ValidAlpha
Verticals Targeted: Military, Defense, Engineering, Technology, Education, Construction, Manufacturing, Gambling, Energy