Verticals Targeted: Government, Defense, Finance, Technology, Telecommunications, Aerospace, Pharmaceuticals
Executive Summary
Multiple industry sources recently reported on KrustyLoader, a Rust-based backdoor with both Windows and Linux variants.
Mar 11, 2024 3:09:11 PM / by The Hivemind posted in Threat Bulletin, Windows, Linux, Backdoor, KrustyLoader, Avanti, UNC5221
Verticals Targeted: Government, Defense, Finance, Technology, Telecommunications, Aerospace, Pharmaceuticals
Multiple industry sources recently reported on KrustyLoader, a Rust-based backdoor with both Windows and Linux variants.
Jan 22, 2024 1:38:21 PM / by The Hivemind posted in Threat Bulletin, APT, Critical Infrastructure, China, Linux, Volt Typhoon, KV-Botnet
Verticals Targeted: Government
Oct 16, 2023 2:17:16 PM / by The Hivemind posted in Threat Bulletin, Linux, IoT, Mirai, Botnet, IZ1H9
Sep 25, 2023 2:06:11 PM / by The Hivemind posted in Threat Bulletin, Espionage, Government, Linux, Backdoor, Mandibule, SprySOCKS, Earth Lusca, Aquatic Panda
Related Families: Mandibule, Cobalt Strike, Trochilus, RedLeaves
Verticals Targeted: Government
Aug 21, 2023 12:49:38 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Linux, Conti, Monti
Related Families: Conti
Verticals Targeted: Legal, Government
Jun 12, 2023 2:55:54 PM / by The Hivemind posted in Ransomware, Windows, Linux, Royal, BlackSuit, encryption
Related Families: Royal
BlackSuit ransomware targets both Windows and Linux systems and bears a striking resemblance to Royal ransomware.
Mar 14, 2023 3:30:50 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Linux, RAT, Trojan, SysUpdate, Iron Tiger, Emissary Panda, APT27
Verticals Targeted: Gambling
Trend Micro recently reported on a new Linux variant of Emissary Panda’s SysUpdate. SysUpdate is one of Emissary Panda’s custom tools.
Mar 3, 2023 1:25:10 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Linux, Royal
Verticals Targeted: IT, Financial, Materials, Healthcare, Food Production
Trend Micro recently reported on a new Linux variant of Royal ransomware that targets Linux systems and ESXi servers. Royal ransomware is yet another contender among the many ransomware families now targeting Linux systems.