Today > vulnerabilities   -   You can now download lists of IOCs here!

Tag: russian-speaking

3 attack reports | 0 vulnerabilities

Attack reports

Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans

A new phishing campaign targeting Russian-speaking users employs the open-source Gophish framework to deliver DarkCrystal RAT and a novel remote access trojan called PowerRAT. The attack utilizes modular infection chains, either through malicious Microsoft Word documents or HTML files with embedded…

phishing
dcrat
html smuggling
darkcrystal rat
russian-speaking
remote access trojan
2024-10-22
powerrat
gophish
Published: October 22, 2024

Downloadable IOCs 2

Key Group uses leaked builders of ransomware and wipers

Key Group, also known as keygroup777, is a financially motivated ransomware group primarily targeting Russian users. The group has been active since 2022, using various leaked ransomware builders and wipers, including Xorist, Chaos, Annabelle, Slam, RuRansom, UX-Cryptor, Hakuna Matata, and Judge/No…

phishing
ransomware
persistence
njrat
wiper
telegram
chaos
2024-10-02
xorist
slam
hakuna matata
annabelle
ruransom
ux-cryptor
multi-stage loaders
leaked builders
russian-speaking
judge/nocry
Published: October 2, 2024

Downloadable IOCs 24

Key Group: another ransomware group using leaked builders

Key Group is a financially motivated ransomware group primarily targeting Russian users. They use various leaked ransomware builders including Chaos, Xorist, Annabelle, Slam, RuRansom, UX-Cryptor, Hakuna Matata, and Judge/NoCry. The group's activity has been tracked since April 2022, with their tac…

ransomware
persistence
njrat
wiper
github
telegram
chaos
financially motivated
2024-10-01
xorist
slam
hakuna matata
annabelle
ruransom
ux-cryptor
multi-stage loaders
leaked builders
russian-speaking
judge/nocry
Published: October 1, 2024

Downloadable IOCs 0

» Click here to see all Attack Reports «