Alex Delamotte, Author at SentinelOne

PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale

Alex Delamotte / May 7, 2026

Cloud attack framework skips cryptomining, harvests financial, messaging, and enterprise credentials for fraud, spam, and potential extortion.

labs

Crimeware

Smart Contract Scams | Ethereum Drainers Pose as Trading Bots to Steal Crypto

Alex Delamotte / August 5, 2025

Crypto scammers use fake YouTube bots, AI videos, and obfuscated smart contracts to steal $900K+, targeting unwary traders.

CloudRansomware BlogImage 1600x900 1600x900

labs

The State of Cloud Ransomware in 2024

Alex Delamotte / November 14, 2024

In this new report, learn how threat actors are leveraging cloud services to target web services with ransomware attackers.

labs

Security Research

Cloud Malware | A Threat Hunter’s Guide to Analysis, Techniques and Delivery

Alex Delamotte / October 24, 2024

Learn about cloud threats, how to hunt for them and how to analyze them in this post based on Alex Delamotte's recent LABScon workshop.

labs

Crimeware

Xeon Sender | SMS Spam Shipping Multi-Tool Targeting SaaS Credentials

Alex Delamotte / August 19, 2024

Cloud attack tool has been repurposed by multiple threat actors to push SMS spam and smishing campaigns through major SaaS providers.

labs

Adversary

CapraTube Remix | Transparent Tribe’s Android Spyware Targeting Gamers, Weapons Enthusiasts

Alex Delamotte / July 1, 2024

SentinelLABS has identified four new CapraRAT APKs associated with suspected Pakistan state-aligned actor Transparent Tribe.

SNS Sender Active Campaigns Unleash Messaging Spam Through The Cloud 3

labs

Crimeware

SNS Sender | Active Campaigns Unleash Messaging Spam Through the Cloud

Alex Delamotte / February 15, 2024

Threat actors leverage cloud services to conduct massive smishing campaign through AWS Simple Notification Service.

Exploring FBot Python Based Malware Targeting Cloud And Payment Services 6

labs

Crimeware

Exploring FBot | Python-Based Malware Targeting Cloud and Payment Services

Alex Delamotte / January 11, 2024

FBot arms threat actors with a multi-function attack tool designed to hijack cloud, Saas and web services.

MOVEit Transfer Exploited To Drop File Stealing SQL Shell 4

labs

MOVEit Transfer Vulnerability used to Drop File-Stealing SQL Shell

Alex Delamotte / January 7, 2024

Mass exploitation of a MOVEit file transfer flaw is impacting organizations across verticals. Learn how the attack works and how to see if you are affected.

Predator AI ChatGPT Powered Infostealer Takes Aim At Cloud Platforms 3

labs

Security Research

Predator AI | ChatGPT-Powered Infostealer Takes Aim at Cloud Platforms

Alex Delamotte / November 7, 2023

An emerging infostealer being sold on Telegram looks to harness generative AI to streamline cyber attacks on cloud services.