Verticals Targeted: Government, Education
PXA Stealer
Nov 22, 2024 1:54:18 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, PXA Stealer, Vietnam
Cthulhu MacOS Stealer
Aug 30, 2024 2:09:06 PM / by The Hivemind posted in Threat Bulletin, Stealer, MacOS, Cthulhu
Related Families: Atomic Stealer
Executive Summary
Cthulhu is stealer malware targeting macOS systems. First observed in 2023, this malware-as-a-service (MaaS) offering can target both x86_64 and ARM architectures.
FickleStealer
Jun 28, 2024 3:08:23 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, FickleStealer
Executive Summary
FickleStealer is a Rust-based stealer that targets Windows devices. It is distributed in a variety of ways and steals information, likely with the intent of using the information for follow-on attacks.
Ebury Compromised 400K Linux Servers
May 20, 2024 2:59:44 PM / by The Hivemind posted in Threat Bulletin, Stealer, Linux, Backdoor, Cryptocurrency, Ebury, HelimodSteal, HelimodProxy, HelimodRedirect
Related Families: HelimodSteal, HelimodProxy, HelimodRedirect
Executive Summary
A longstanding botnet campaign is known to deliver Ebury, an OpenSSH backdoor and credential stealer.
CoralRaider's Stealer Spree
May 3, 2024 1:53:10 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, LummaC2, Rhadamanthys, CryptBot, CoralRaider
Related Families: CryptBot, LummaC2, Rhadamanthys
Verticals Targeted: Technology, Defense
Executive Summary
The threat actor group CoralRaider was recently observed on a stealer spree distributing three infostealers: CryptBot, LummaC2, and Rhadamanthys.
StrelaStealer Campaign Targeted US and EU
Apr 1, 2024 2:28:11 PM / by The Hivemind posted in Threat Bulletin, Government, Stealer, Energy, Manufacturing, Legal Services, Insurance, Construction, StrelaStealer, Email, Finance
Verticals Targeted: Technology, Finance, Legal Services, Manufacturing, Government, Energy, Insurance, Construction
Executive Summary
StrelaStealer was recently used in a widespread campaign targeting over 100 entities in the US and EU. The newest version of StrelaStealer is more advanced than previous versions and includes features to help thwart analysis.
Rhadamanthys Targeting ONG Sector
Mar 8, 2024 1:36:26 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Stealer, Phishing, Energy, ONG, Oil & Gas, Rhadamanthys
Verticals Targeted: Oil & Gas, Energy, Critical Infrastructure
LummaC2
Dec 1, 2023 12:48:51 PM / by The Hivemind posted in Threat Bulletin, Stealer, LummaC2, Lumma