EncryptHub, an emerging malware threat actor that has compromised more than 600 organizations, had details about its operations and attack chain exposed by researchers.In a Thursday blog post, Outpost24’s KrakenLabs Threat Intelligence Team outlined the inner workings of the malware operation, including its structure and techniques for infecting and managing infected systems.The new information about … Read more
Feb 27, 2025Ravie LakshmananMalware / Network Security The threat actor known as Space Pirates has been linked to a malicious campaign targeting Russian information technology (IT) organizations with a previously undocumented malware called LuckyStrike Agent. The activity was detected in November 2024 by Solar, the cybersecurity arm of Russian state-owned telecom company Rostelecom. It’s tracking … Read more
Remote takeover tools have overtaken controlled malware as the preferred method for cybercriminals, according to CrowdStrike, which says that threat actors are now eschewing installed malware payloads and opting for remote control tools that offer an instant payout.“During 2024, adversaries matured faster than ever, innovating techniques and tools as well as finding creative solutions to … Read more
The first quarter of 2025 has been a battlefield in the world of cybersecurity. Cybercriminals continued launching aggressive new campaigns and refining their attack methods. Below is an overview of five notable malware families, accompanied by analyses conducted in controlled environments. NetSupport RAT Exploiting the ClickFix Technique In early 2025, threat actors began exploiting a … Read more
Feb 13, 2025Ravie LakshmananMalware / Cyber Espionage Threat hunters have shed light on a new campaign targeting the foreign ministry of an unnamed South American nation with bespoke malware capable of granting remote access to infected hosts. The activity, detected in November 2024, has been attributed by Elastic Security Labs to a threat cluster it … Read more
