Verticals Targeted: Government, Healthcare, Manufacturing, Transportation, Law and Consulting, IT, Agriculture
Regions Targeted: Brazil, Japan, Canada, Turkey, South Korea, Taiwan, United States
Related Families: Conti
Gunra Ransomware
Aug 11, 2025 2:41:54 PM / by The Hivemind posted in Threat Bulletin, Emerging Threat, Evolving Threat, Data Exfiltration, Gunra Ransomware, Linux Ransomware Variant, Multi-Thread Encryption, Partial Encryption, Cross-Platform Ransomware, Conti-Inspired, Ransomware Analysis, Gunra Group, Enterprise Targeting
Static Kitten Observed Using DCHSpy Android Malware
Aug 1, 2025 1:17:27 PM / by The Hivemind posted in Threat Bulletin, Static Kitten, Spyware, Data Exfiltration, Mobile Security, DCHSpy, Android surveillanceware, Starlink spoofing, Iranian malware, Middle East cyber threats, VPN phishing
Verticals Targeted: None specified
Regions Targeted: Iran, Middle East
Related Families: None specified
Executive Summary
DCHSpy is an Android surveillanceware linked to Iran’s Static Kitten group, targeting Iranian users with fake VPN and Starlink apps to steal sensitive data amid regional conflict. This malware, active since October 2023, exploits social engineering to access WhatsApp, location data, and personal files.
Wicked Panda Targets Government Entities, Uses Google Calendar for C2
Jun 6, 2025 2:50:40 PM / by The Hivemind posted in Threat Bulletin, APT41, Wicked Panda, TOUGHPROGRESS malware, Google Calendar C2, Spear Phishing, Government Cyberattack, Chinese Cyber Espionage, Cloud Service Abuse, Malware Analysis, Data Exfiltration
Verticals Targeted: Government
Regions Targeted: Not specified
Related Families: VOLDEMORT, DUSTTRAP