Tag: 2024-10-21

Lumma Stealer, a sophisticated information-stealing malware, has evolved its tactics to employ fake CAPTCHA verification for payload delivery. The malware exploits legitimate software and uses multi-stage fileless techniques to evade detection. Its infection chain involves PowerShell scripts, proce…

Downloadable IOCs 23

This intelligence report analyzes the increasing prevalence of information stealers, focusing on Kral, AMOS, Vidar, and ACR. Kral, delivered by its downloader, targets cryptocurrency wallets and browser data. AMOS, a macOS stealer, spreads through malvertising impersonating Homebrew. Vidar distribu…

Downloadable IOCs 0

Crystal Rans0m is a newly discovered hybrid ransomware family developed in Rust, first observed in September 2023. It combines file encryption with data stealing capabilities, doubling its leverage over victims. The malware targets browser data, Discord tokens, Steam files, and Riot Games data. It …

Downloadable IOCs 5

A new ransomware called Fog has been identified, affecting education and recreation centers in the United States. The threat actors gain access through compromised VPN credentials, disable Windows Defender, and deploy the ransomware. Fog is a 32-bit EXE file compiled using Microsoft Visual C/C++. I…

Downloadable IOCs 1

A new infection chain for the Bumblebee loader malware has been discovered, potentially indicating its resurgence after Operation Endgame. The sophisticated downloader, first identified in March 2022, is used by cybercriminals to access corporate networks and deliver payloads like Cobalt Strike bea…

Downloadable IOCs 11

The Latrodectus malware campaign employs a combination of traditional phishing techniques and innovative payload delivery methods to target financial, automotive, and healthcare sectors. The attack chain begins with compromised emails containing malicious PDF or HTML attachments, which redirect use…

Downloadable IOCs 20

This analysis examines three emerging malware threats: Divulge Stealer, DedSec Stealer, and Duck Stealer. These stealers, often promoted on platforms like GitHub and Telegram, target browser data, game information, and sensitive personal details. Divulge Stealer, a successor to Umbral Stealer, feat…

Downloadable IOCs 3

Zimperium's zLabs researchers have been tracking Necro.N, a highly intrusive mobile malware campaign, since July. This malware, potentially succeeding Joker, uses obfuscation and steganography to hide malicious payloads within images. It downloads payloads from C2 servers, enabling remote code exec…

Downloadable IOCs 6

Lumma Stealer, a sophisticated information-stealing malware, has evolved its tactics to employ fake CAPTCHA verification for payload delivery. The malware exploits legitimate software and uses multi-stage fileless techniques to evade detection. Its infection chain involves PowerShell scripts, proce…

Downloadable IOCs 23

This intelligence report analyzes the increasing prevalence of information stealers, focusing on Kral, AMOS, Vidar, and ACR. Kral, delivered by its downloader, targets cryptocurrency wallets and browser data. AMOS, a macOS stealer, spreads through malvertising impersonating Homebrew. Vidar distribu…

Downloadable IOCs 0

Crystal Rans0m is a newly discovered hybrid ransomware family developed in Rust, first observed in September 2023. It combines file encryption with data stealing capabilities, doubling its leverage over victims. The malware targets browser data, Discord tokens, Steam files, and Riot Games data. It …

Downloadable IOCs 5

A new ransomware called Fog has been identified, affecting education and recreation centers in the United States. The threat actors gain access through compromised VPN credentials, disable Windows Defender, and deploy the ransomware. Fog is a 32-bit EXE file compiled using Microsoft Visual C/C++. I…

Downloadable IOCs 1

A new infection chain for the Bumblebee loader malware has been discovered, potentially indicating its resurgence after Operation Endgame. The sophisticated downloader, first identified in March 2022, is used by cybercriminals to access corporate networks and deliver payloads like Cobalt Strike bea…

Downloadable IOCs 11

The Latrodectus malware campaign employs a combination of traditional phishing techniques and innovative payload delivery methods to target financial, automotive, and healthcare sectors. The attack chain begins with compromised emails containing malicious PDF or HTML attachments, which redirect use…

Downloadable IOCs 20

This analysis examines three emerging malware threats: Divulge Stealer, DedSec Stealer, and Duck Stealer. These stealers, often promoted on platforms like GitHub and Telegram, target browser data, game information, and sensitive personal details. Divulge Stealer, a successor to Umbral Stealer, feat…

Downloadable IOCs 3

Zimperium's zLabs researchers have been tracking Necro.N, a highly intrusive mobile malware campaign, since July. This malware, potentially succeeding Joker, uses obfuscation and steganography to hide malicious payloads within images. It downloads payloads from C2 servers, enabling remote code exec…

Downloadable IOCs 6

Lumma Stealer, a sophisticated information-stealing malware, has evolved its tactics to employ fake CAPTCHA verification for payload delivery. The malware exploits legitimate software and uses multi-stage fileless techniques to evade detection. Its infection chain involves PowerShell scripts, proce…

Downloadable IOCs 23

This intelligence report analyzes the increasing prevalence of information stealers, focusing on Kral, AMOS, Vidar, and ACR. Kral, delivered by its downloader, targets cryptocurrency wallets and browser data. AMOS, a macOS stealer, spreads through malvertising impersonating Homebrew. Vidar distribu…

Downloadable IOCs 0

Crystal Rans0m is a newly discovered hybrid ransomware family developed in Rust, first observed in September 2023. It combines file encryption with data stealing capabilities, doubling its leverage over victims. The malware targets browser data, Discord tokens, Steam files, and Riot Games data. It …

Downloadable IOCs 5

A new ransomware called Fog has been identified, affecting education and recreation centers in the United States. The threat actors gain access through compromised VPN credentials, disable Windows Defender, and deploy the ransomware. Fog is a 32-bit EXE file compiled using Microsoft Visual C/C++. I…

Downloadable IOCs 1

A new infection chain for the Bumblebee loader malware has been discovered, potentially indicating its resurgence after Operation Endgame. The sophisticated downloader, first identified in March 2022, is used by cybercriminals to access corporate networks and deliver payloads like Cobalt Strike bea…

Downloadable IOCs 11

The Latrodectus malware campaign employs a combination of traditional phishing techniques and innovative payload delivery methods to target financial, automotive, and healthcare sectors. The attack chain begins with compromised emails containing malicious PDF or HTML attachments, which redirect use…

Downloadable IOCs 20

This analysis examines three emerging malware threats: Divulge Stealer, DedSec Stealer, and Duck Stealer. These stealers, often promoted on platforms like GitHub and Telegram, target browser data, game information, and sensitive personal details. Divulge Stealer, a successor to Umbral Stealer, feat…

Downloadable IOCs 3

Zimperium's zLabs researchers have been tracking Necro.N, a highly intrusive mobile malware campaign, since July. This malware, potentially succeeding Joker, uses obfuscation and steganography to hide malicious payloads within images. It downloads payloads from C2 servers, enabling remote code exec…

Downloadable IOCs 6

Lumma Stealer, a sophisticated information-stealing malware, has evolved its tactics to employ fake CAPTCHA verification for payload delivery. The malware exploits legitimate software and uses multi-stage fileless techniques to evade detection. Its infection chain involves PowerShell scripts, proce…

Downloadable IOCs 23

This intelligence report analyzes the increasing prevalence of information stealers, focusing on Kral, AMOS, Vidar, and ACR. Kral, delivered by its downloader, targets cryptocurrency wallets and browser data. AMOS, a macOS stealer, spreads through malvertising impersonating Homebrew. Vidar distribu…

Downloadable IOCs 0

Crystal Rans0m is a newly discovered hybrid ransomware family developed in Rust, first observed in September 2023. It combines file encryption with data stealing capabilities, doubling its leverage over victims. The malware targets browser data, Discord tokens, Steam files, and Riot Games data. It …

Downloadable IOCs 5

A new ransomware called Fog has been identified, affecting education and recreation centers in the United States. The threat actors gain access through compromised VPN credentials, disable Windows Defender, and deploy the ransomware. Fog is a 32-bit EXE file compiled using Microsoft Visual C/C++. I…

Downloadable IOCs 1

A new infection chain for the Bumblebee loader malware has been discovered, potentially indicating its resurgence after Operation Endgame. The sophisticated downloader, first identified in March 2022, is used by cybercriminals to access corporate networks and deliver payloads like Cobalt Strike bea…

Downloadable IOCs 11

The Latrodectus malware campaign employs a combination of traditional phishing techniques and innovative payload delivery methods to target financial, automotive, and healthcare sectors. The attack chain begins with compromised emails containing malicious PDF or HTML attachments, which redirect use…

Downloadable IOCs 20

This analysis examines three emerging malware threats: Divulge Stealer, DedSec Stealer, and Duck Stealer. These stealers, often promoted on platforms like GitHub and Telegram, target browser data, game information, and sensitive personal details. Divulge Stealer, a successor to Umbral Stealer, feat…

Downloadable IOCs 3

Zimperium's zLabs researchers have been tracking Necro.N, a highly intrusive mobile malware campaign, since July. This malware, potentially succeeding Joker, uses obfuscation and steganography to hide malicious payloads within images. It downloads payloads from C2 servers, enabling remote code exec…

Downloadable IOCs 6

Lumma Stealer, a sophisticated information-stealing malware, has evolved its tactics to employ fake CAPTCHA verification for payload delivery. The malware exploits legitimate software and uses multi-stage fileless techniques to evade detection. Its infection chain involves PowerShell scripts, proce…

Downloadable IOCs 23

This intelligence report analyzes the increasing prevalence of information stealers, focusing on Kral, AMOS, Vidar, and ACR. Kral, delivered by its downloader, targets cryptocurrency wallets and browser data. AMOS, a macOS stealer, spreads through malvertising impersonating Homebrew. Vidar distribu…

Downloadable IOCs 0

Crystal Rans0m is a newly discovered hybrid ransomware family developed in Rust, first observed in September 2023. It combines file encryption with data stealing capabilities, doubling its leverage over victims. The malware targets browser data, Discord tokens, Steam files, and Riot Games data. It …

Downloadable IOCs 5

A new ransomware called Fog has been identified, affecting education and recreation centers in the United States. The threat actors gain access through compromised VPN credentials, disable Windows Defender, and deploy the ransomware. Fog is a 32-bit EXE file compiled using Microsoft Visual C/C++. I…

Downloadable IOCs 1

A new infection chain for the Bumblebee loader malware has been discovered, potentially indicating its resurgence after Operation Endgame. The sophisticated downloader, first identified in March 2022, is used by cybercriminals to access corporate networks and deliver payloads like Cobalt Strike bea…

Downloadable IOCs 11

The Latrodectus malware campaign employs a combination of traditional phishing techniques and innovative payload delivery methods to target financial, automotive, and healthcare sectors. The attack chain begins with compromised emails containing malicious PDF or HTML attachments, which redirect use…

Downloadable IOCs 20

This analysis examines three emerging malware threats: Divulge Stealer, DedSec Stealer, and Duck Stealer. These stealers, often promoted on platforms like GitHub and Telegram, target browser data, game information, and sensitive personal details. Divulge Stealer, a successor to Umbral Stealer, feat…

Downloadable IOCs 3

Zimperium's zLabs researchers have been tracking Necro.N, a highly intrusive mobile malware campaign, since July. This malware, potentially succeeding Joker, uses obfuscation and steganography to hide malicious payloads within images. It downloads payloads from C2 servers, enabling remote code exec…

Downloadable IOCs 6

Lumma Stealer, a sophisticated information-stealing malware, has evolved its tactics to employ fake CAPTCHA verification for payload delivery. The malware exploits legitimate software and uses multi-stage fileless techniques to evade detection. Its infection chain involves PowerShell scripts, proce…

Downloadable IOCs 23

This intelligence report analyzes the increasing prevalence of information stealers, focusing on Kral, AMOS, Vidar, and ACR. Kral, delivered by its downloader, targets cryptocurrency wallets and browser data. AMOS, a macOS stealer, spreads through malvertising impersonating Homebrew. Vidar distribu…

Downloadable IOCs 0

Crystal Rans0m is a newly discovered hybrid ransomware family developed in Rust, first observed in September 2023. It combines file encryption with data stealing capabilities, doubling its leverage over victims. The malware targets browser data, Discord tokens, Steam files, and Riot Games data. It …

Downloadable IOCs 5

A new ransomware called Fog has been identified, affecting education and recreation centers in the United States. The threat actors gain access through compromised VPN credentials, disable Windows Defender, and deploy the ransomware. Fog is a 32-bit EXE file compiled using Microsoft Visual C/C++. I…

Downloadable IOCs 1

A new infection chain for the Bumblebee loader malware has been discovered, potentially indicating its resurgence after Operation Endgame. The sophisticated downloader, first identified in March 2022, is used by cybercriminals to access corporate networks and deliver payloads like Cobalt Strike bea…

Downloadable IOCs 11

The Latrodectus malware campaign employs a combination of traditional phishing techniques and innovative payload delivery methods to target financial, automotive, and healthcare sectors. The attack chain begins with compromised emails containing malicious PDF or HTML attachments, which redirect use…

Downloadable IOCs 20

This analysis examines three emerging malware threats: Divulge Stealer, DedSec Stealer, and Duck Stealer. These stealers, often promoted on platforms like GitHub and Telegram, target browser data, game information, and sensitive personal details. Divulge Stealer, a successor to Umbral Stealer, feat…

Downloadable IOCs 3

Zimperium's zLabs researchers have been tracking Necro.N, a highly intrusive mobile malware campaign, since July. This malware, potentially succeeding Joker, uses obfuscation and steganography to hide malicious payloads within images. It downloads payloads from C2 servers, enabling remote code exec…

Downloadable IOCs 6

Lumma Stealer, a sophisticated information-stealing malware, has evolved its tactics to employ fake CAPTCHA verification for payload delivery. The malware exploits legitimate software and uses multi-stage fileless techniques to evade detection. Its infection chain involves PowerShell scripts, proce…

Downloadable IOCs 23

This intelligence report analyzes the increasing prevalence of information stealers, focusing on Kral, AMOS, Vidar, and ACR. Kral, delivered by its downloader, targets cryptocurrency wallets and browser data. AMOS, a macOS stealer, spreads through malvertising impersonating Homebrew. Vidar distribu…

Downloadable IOCs 0

Crystal Rans0m is a newly discovered hybrid ransomware family developed in Rust, first observed in September 2023. It combines file encryption with data stealing capabilities, doubling its leverage over victims. The malware targets browser data, Discord tokens, Steam files, and Riot Games data. It …

Downloadable IOCs 5

A new ransomware called Fog has been identified, affecting education and recreation centers in the United States. The threat actors gain access through compromised VPN credentials, disable Windows Defender, and deploy the ransomware. Fog is a 32-bit EXE file compiled using Microsoft Visual C/C++. I…

Downloadable IOCs 1

A new infection chain for the Bumblebee loader malware has been discovered, potentially indicating its resurgence after Operation Endgame. The sophisticated downloader, first identified in March 2022, is used by cybercriminals to access corporate networks and deliver payloads like Cobalt Strike bea…

Downloadable IOCs 11

The Latrodectus malware campaign employs a combination of traditional phishing techniques and innovative payload delivery methods to target financial, automotive, and healthcare sectors. The attack chain begins with compromised emails containing malicious PDF or HTML attachments, which redirect use…

Downloadable IOCs 20

This analysis examines three emerging malware threats: Divulge Stealer, DedSec Stealer, and Duck Stealer. These stealers, often promoted on platforms like GitHub and Telegram, target browser data, game information, and sensitive personal details. Divulge Stealer, a successor to Umbral Stealer, feat…

Downloadable IOCs 3

Zimperium's zLabs researchers have been tracking Necro.N, a highly intrusive mobile malware campaign, since July. This malware, potentially succeeding Joker, uses obfuscation and steganography to hide malicious payloads within images. It downloads payloads from C2 servers, enabling remote code exec…

Downloadable IOCs 6

Lumma Stealer, a sophisticated information-stealing malware, has evolved its tactics to employ fake CAPTCHA verification for payload delivery. The malware exploits legitimate software and uses multi-stage fileless techniques to evade detection. Its infection chain involves PowerShell scripts, proce…

Downloadable IOCs 23

This intelligence report analyzes the increasing prevalence of information stealers, focusing on Kral, AMOS, Vidar, and ACR. Kral, delivered by its downloader, targets cryptocurrency wallets and browser data. AMOS, a macOS stealer, spreads through malvertising impersonating Homebrew. Vidar distribu…

Downloadable IOCs 0

Crystal Rans0m is a newly discovered hybrid ransomware family developed in Rust, first observed in September 2023. It combines file encryption with data stealing capabilities, doubling its leverage over victims. The malware targets browser data, Discord tokens, Steam files, and Riot Games data. It …

Downloadable IOCs 5

A new ransomware called Fog has been identified, affecting education and recreation centers in the United States. The threat actors gain access through compromised VPN credentials, disable Windows Defender, and deploy the ransomware. Fog is a 32-bit EXE file compiled using Microsoft Visual C/C++. I…

Downloadable IOCs 1

A new infection chain for the Bumblebee loader malware has been discovered, potentially indicating its resurgence after Operation Endgame. The sophisticated downloader, first identified in March 2022, is used by cybercriminals to access corporate networks and deliver payloads like Cobalt Strike bea…

Downloadable IOCs 11

The Latrodectus malware campaign employs a combination of traditional phishing techniques and innovative payload delivery methods to target financial, automotive, and healthcare sectors. The attack chain begins with compromised emails containing malicious PDF or HTML attachments, which redirect use…

Downloadable IOCs 20

This analysis examines three emerging malware threats: Divulge Stealer, DedSec Stealer, and Duck Stealer. These stealers, often promoted on platforms like GitHub and Telegram, target browser data, game information, and sensitive personal details. Divulge Stealer, a successor to Umbral Stealer, feat…

Downloadable IOCs 3

Zimperium's zLabs researchers have been tracking Necro.N, a highly intrusive mobile malware campaign, since July. This malware, potentially succeeding Joker, uses obfuscation and steganography to hide malicious payloads within images. It downloads payloads from C2 servers, enabling remote code exec…

Downloadable IOCs 6