Stayin Alive Campaign Targets Telecoms and Government Entities in Asia
Oct 27, 2023 1:54:59 PM / by The Hivemind posted in Threat Bulletin, Government, Telecommunications, Asia, CurKeep, StayinAlive, ToddyCat, CurCore, CurLog, CurLu, StylerServ
Related Families: CurKeep, CurCore, CurLog, CurLu, StylerServ
Verticals Targeted: Telecommunications, Government
Executive Summary
The Stayin Alive campaign, perpetrated by ToddyCat, was observed targeting telecommunications and government entities in Asia.
Akira Ransomware
Oct 23, 2023 1:37:51 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Akira, Megazord
Related Families: Megazord
Verticals Targeted: Manufacturing, Business Services, Construction, Education, Finance, Legal Services, Retail, Architecture, Engineering and Design, and Investment Banking
Executive Summary
Akira ransomware, active since April 2023, was recently observed targeting Windows and Linux systems.
Qakbot Threat Actors Distributing Ransom Knight And Remcos
Oct 20, 2023 4:30:11 PM / by PolySwarm Tech Team posted in Threat Bulletin, Qbot, RAT, Remcos RAT, Ransom Knight, Qakbot
Executive Summary
Threat actors affiliated with Qakbot were observed distributing Ransom Knight ransomware and Remcos RAT.
Mirai IZ1H9
Oct 16, 2023 2:17:16 PM / by The Hivemind posted in Threat Bulletin, Linux, IoT, Mirai, Botnet, IZ1H9
Executive Summary
Mirai IZ1H9, a newer variant of Mirai, is being used to infect Linux devices for use in a DDoS campaign.
AresLoader
Oct 13, 2023 2:27:36 PM / by The Hivemind posted in Russia, Threat Bulletin, Loader, Cybercrime, AresLoader, MaaS
Executive Summary
AresLoader is a loader malware-as-a-service (MaaS) active in the wild since at least November 2022. AresLoader is designed to masquerade as legitimate software, while covertly downloading malicious payloads.
BunnyLoader
Oct 9, 2023 12:00:10 PM / by The Hivemind posted in Threat Bulletin, Loader, BunnyLoader, Malware-As-A-Service, Cybercrime
Executive Summary
BunnyLoader is a recently discovered malware-as-a-service (MaaS) threat being sold on multiple forums. It was released in September 2023 and appears to be under active development, with feature updates and bug fixes available.
Stealth Falcon's Deadglyph Backdoor
Oct 6, 2023 1:42:37 PM / by The Hivemind posted in Threat Bulletin, Middle East, Backdoor, Stealth Falcon, Deadglyph, UAE
Verticals Targeted: Government