Tag: chisel

2 Attack Reports | 0 Vulnerabilities

Attack reports

The Anatomy of Abyss Locker Ransomware Attack

Abyss Locker (AKA Abyss ransomware) is a relatively new threat group that emerged in 2023, specializing in swift and decisive intrusions designed to cripple victims with ransomware. Abyss Locker was active throughout 2024, causing multiple incidents investigated by Sygnia. However, no recent techni…
backdoor
ransomware
rclone
persistence
service
esxi
chisel
psexec
2025-02-10
file
locker
abyss locker
defender
smbexec
strong
vulnerable
remcom
impact
story
patch
restrict
velvet
ssh tunneling
Published: February 10, 2025
Downloadable IOCs: 15

Dissecting A Multi-Stage PowerShell Campaign Using Chisel

A sophisticated multi-stage PowerShell campaign has been identified, utilizing an LNK file to initiate a sequence of obfuscated scripts. The attack maintains persistence and stealth by connecting with a command-and-control server. It employs Chisel, a fast TCP/UDP tunneling tool, and a Netskope pro…
powershell
persistence
lateral movement
lnk file
multi-stage
command-and-control
2024-11-12
chisel
Published: November 12, 2024
Downloadable IOCs: 17
Click here to see more Attack Reports