Verticals Targeted: Healthcare, Technology
Regions Targeted: Asia, Europe, United States
Related Families: REvil, Babuk
BERT Ransomware
Jul 11, 2025 2:02:09 PM / by The Hivemind posted in Threat Bulletin, Europe, REvil, Healthcare, Asia, Babuk, Technology, Emerging Threat, PowerShell, Evolving Threat, Event Services, United States, BERT ransomware
EDDIESTEALER
Jun 9, 2025 12:29:15 PM / by The Hivemind posted in Threat Bulletin, Infostealer, Data Theft, social engineering, Emerging Threat, EDDIESTEALER, Rust Malware, CAPTCHA Campaign, ClickFix, PowerShell Attack, ChromeKatz, Cybersecurity
Verticals Targeted: Not specified
Regions Targeted: Not specified
Related Families: None
Executive Summary
EDDIESTEALER is a Rust-based infostealer distributed through deceptive CAPTCHA campaigns, leveraging social engineering to steal sensitive data like credentials and cryptocurrency wallet details. Its advanced obfuscation and ChromeKatz integration highlight the growing sophistication of commodity malware.
Nitrogen Ransomware Targets Financial Vertical
May 27, 2025 12:16:27 PM / by The Hivemind posted in Threat Bulletin, Financial, Ransomware, Emerging Threat, Nitrogen
Verticals Targeted: Finance, Construction, Manufacturing, Technology
Regions Targeted: US, UK, Canada
Related Families: Cobalt Strike, Meterpreter
PupkinStealer Leverages Telegram for Data Exfiltration
May 16, 2025 2:16:41 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, Emerging Threat, PupkinStealer
Verticals Targeted: E-commerce
Regions Targeted: Not specified
Related Families: None identified
Executive Summary
PupkinStealer, a .NET-based infostealer written in C#, targets sensitive data such as browser credentials and desktop files, exfiltrating it via Telegram’s Bot API. First observed in April 2025, its simplicity and reliance on legitimate platforms make it a notable threat.
ResolverRAT Targets Healthcare Sector
Apr 28, 2025 1:19:17 PM / by The Hivemind posted in Threat Bulletin, Healthcare, RAT, Emerging Threat, ResolverRAT
Verticals Targeted: Healthcare, Pharmaceutical
Regions Targeted: Language based targeting of Czech, Hindi, Indonesian, Italian, Portuguese, Turkish
Related Families: Rhadamanthys, Lumma
Executive Summary
ResolverRAT is a sophisticated remote access trojan (RAT) targeting healthcare and pharmaceutical sectors globally. Deployed via localized phishing campaigns, this previously undocumented malware employs advanced in-memory execution and evasion techniques to steal sensitive data.
CoffeeLoader
Apr 11, 2025 2:29:33 PM / by The Hivemind posted in Threat Bulletin, Loader, Emerging Threat, CoffeeLoader
Related Families: SmokeLoader, Rhadamanthys
Crocodilus Android Banking Trojan
Apr 7, 2025 1:41:20 PM / by The Hivemind posted in Threat Bulletin, Android, Mobile, Banking Trojan, Emerging Threat, Crocodilus
Verticals Targeted: Financial
Executive Summary
Crocodilus is a newly identified Android banking Trojan that exhibits advanced device-takeover capabilities and targets financial institutions and cryptocurrency wallets. Already operational in Spain and Turkey, this malware showcases a mature feature set that challenges traditional defenses, marking a significant evolution in mobile threats.
VanHelsing Ransomware
Mar 31, 2025 2:19:18 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Emerging Threat, VanHelsing