Tag: pronsis loader

3 Attack Reports | 0 Vulnerabilities

Attack reports

Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader

A new malware called Pronsis Loader has been discovered, with similarities to D3F@ck Loader. Both use JPHP-compiled executables, but Pronsis uses NSIS for installation instead of Inno Setup. Pronsis Loader typically delivers Lumma Stealer and Latrodectus payloads. It employs defense evasion techniq…
lumma stealer
latrodectus
d3f@ck loader
pronsis loader
2024-12-04
jphp
Published: December 4, 2024
Downloadable IOCs: 0

Russian Hackers Attacking Ukraine Military With Malware Via Telegram

Russian hackers, identified as UNC5812, are targeting the Ukrainian military through a sophisticated cyber operation. The attackers use a deceptive Telegram channel and website posing as a civil defense service to distribute malware for both Windows and Android devices. The Windows attack deploys P…
malware
social engineering
android
windows
russia
ukraine
information theft
telegram
cyber-espionage
pronsis loader
sunspinner
craxsrat
purestealer
2024-10-31
Published: October 31, 2024
Downloadable IOCs: 7

Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives

A Russian hybrid espionage and influence operation, dubbed UNC5812, targets potential Ukrainian military recruits through a Telegram persona called 'Civil Defense'. The campaign delivers Windows and Android malware, including SUNSPINNER, PURESTEALER, and CRAXSRAT, while simultaneously spreading ant…
espionage
ukraine
influence
telegram
russian
recruitment
2024-10-28
military
pronsis loader
sunspinner
craxsrat
purestealer
Published: October 28, 2024
Linked vulnerabilities : CVE-2024-47575 (CVSS 9.8)
Downloadable IOCs: 3
Click here to see more Attack Reports