Crimeware

Kryptina RaaS | From Unsellable Cast-Off to Enterprise Ransomware

Kryptina's adoption by Mallox affiliates complicates malware tracking as ransomware operators blend different codebases into new variants.

Xeon Sender | SMS Spam Shipping Multi-Tool Targeting SaaS Credentials

Cloud attack tool has been repurposed by multiple threat actors to push SMS spam and smishing campaigns through major SaaS providers.

NullBulge | Threat Actor Masquerades as Hacktivist Group Rebelling Against AI

Actors are masquerading as hacktivists targeting AI-centric communities with commodity malware and customized LockBit payloads.

SNS Sender | Active Campaigns Unleash Messaging Spam Through the Cloud

Threat actors leverage cloud services to conduct a massive smishing campaign through AWS Simple Notification Service.

Exploring FBot | Python-Based Malware Targeting Cloud and Payment Services

FBot arms threat actors with a multi-function attack tool designed to hijack cloud, SaaS and web services.

Cloudy With a Chance of Credentials | AWS-Targeting Cred Stealer Expands to Azure, GCP

Cloud credential-stealing campaign expands to target Azure and Google Cloud via unpatched web app vulnerabilities.

Hypervisor Ransomware | Multiple Threat Actor Groups Hop on Leaked Babuk Code to Build ESXi Lockers

Availability of leaked Babuk source code is fuelling a proliferation of file lockers targeting VMware ESXi.

IceFire Ransomware Returns | Now Targeting Linux Enterprise Networks

A new Linux version of the IceFire ransomware has been observed in recent network intrusions of media and entertainment enterprises.

Cl0p Ransomware Targets Linux Systems with Flawed Encryption | Decryptor Available

An in-the-wild ELF variant of Cl0p ransomware shows the gang is looking beyond traditional Windows targets.

MalVirt | .NET Virtualization Thrives in Malvertising Attacks

.NET malware loaders distributed through malvertising are using obfuscated virtualization for anti-analysis and evasion in an ongoing campaign.
