Verticals Targeted: Healthcare, Government, Education, Technology, Manufacturing, SMBs
Ghost (Cring) Ransomware
Feb 24, 2025 11:57:27 AM / by The Hivemind posted in Threat Bulletin, Ransomware, Ghost, Cring
FrigidStealer MacOS Stealer
Feb 21, 2025 1:48:14 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, MacOS, Emerging Threat, FrigidStealer
Executive Summary
FrigidStealer is a stealer that targets MacOS devices. It has been active since at least late 2024 and is delivered via web injection campaigns.
SystemBC Now Targeting Linux
Feb 18, 2025 2:05:57 PM / by The Hivemind posted in Threat Bulletin, Linux, RAT, SystemBC, Evolving Threat
Related Families: RIG, Fallout EK
Executive Summary
SystemBC, a RAT that previously only targeted Windows systems was recently observed targeting Linux.
Chinese Threat Actors Using BadIIS to Manipulate SEO
Feb 14, 2025 1:01:25 PM / by The Hivemind posted in Threat Bulletin, China, BadIIS, SEO manipulation, DragonRank
Verticals Targeted: Government, Education, Technology, Telecommunications
Executive Summary
Chinese threat actors were recently observed using BadIIS to manipulate SEO and direct victims to illegal gambling sites.
Evasive Panda Uses SSH Backdoor to Target Network Devices
Feb 10, 2025 1:56:30 PM / by The Hivemind posted in Threat Bulletin, China, Linux, Evasive Panda, Daggerfly, ELF/Sshdinjector.A!tr
Executive Summary
Coyote Banking Trojan
Feb 7, 2025 1:04:08 PM / by The Hivemind posted in Threat Bulletin, Windows, Banker, Banking Trojan, Evolving Threat, Coyote
Verticals Targeted: Financial
Executive Summary
Coyote, which was first observed in early 2024, is a banking trojan that has targeted over 1030 sites and 73 financial institutions.
Lynx Ransomware
Feb 3, 2025 1:43:43 PM / by The Hivemind posted in Threat Bulletin, Ransomware, INC, Emerging Threat, Lynx
Related Families: INC
Verticals Targeted: Legal Services, Retail, Finance, Telecommunications, Agriculture, Manufacturing, Construction, Transportation, Healthcare, Energy
Executive Summary
Lynx ransomware is a ransomware-as-a-service (RaaS) that was first observed in July 2024. Since its debut, the ransomware has gained momentum and has continued its activity into early 2025.
MintsLoader Delivering StealC and BOINC
Jan 31, 2025 12:35:53 PM / by The Hivemind posted in Threat Bulletin, Loader, MintsLoader, BOINC, StealC
Verticals Targeted: Oil & Gas, Energy, Legal Services