Malware - Cybersec Sentinel (Page 3)

Malware

A collection of 111 posts

From Stealers to Ransomware PureCrypter Delivers It All

From Stealers to Ransomware PureCrypter Delivers It All

Threat Group: - Unknown (Distributed by cybercriminals through various malware-as-a-service campaigns) Threat Type: - Malware Loader Exploited Vulnerabilities: - Primarily relies on phishing emails with malicious attachments or links Malware Used: - PureCrypter Threat Score: - High (8.2/10) – Due to its ability to deliver multiple malware strains and

Murdoc Botnet Threatens IoT Security Worldwide

Murdoc Botnet Threatens IoT Security Worldwide

Threat Group: - Murdoc Botnet Threat Type: - Botnet / Malware Exploited Vulnerabilities: - CVE-2024-7029, CVE-2017-17215 Malware Used: - Murdoc Botnet Variant of Mirai Threat Score: - High (8.7/10) – Due to its exploitation of IoT vulnerabilities and rapid global spread. Last Threat Observation: - January 2025 Overview The Murdoc

InvisibleFerret Malware Leveraging Python for Targeted Attacks

InvisibleFerret Malware Leveraging Python for Targeted Attacks

Threat Group: North Korean Threat Actors (e.g., Lazarus Group) Threat Type: Backdoor Malware Exploited Vulnerabilities: None (Relies on social engineering and malicious delivery) Malware Used: InvisibleFerret (Python-based backdoor), BeaverTail (JavaScript-based stealer and loader) Threat Score: High (8.8/10) – High impact due to complex multi-stage infection and data exfiltration

The Return of PlugX Malware with Fresh Tricks

The Return of PlugX Malware with Fresh Tricks

Threat Group: Likely associated with Chinese Advanced Persistent Threat (APT) groups Threat Type: Remote Access Trojan (RAT) Exploited Vulnerabilities: Multiple, including spear-phishing and exploiting unpatched software vulnerabilities Malware Used: PlugX Threat Score: High (8.7/10) – Due to its versatility, stealth capabilities, and association with espionage campaigns Last Threat Observation:

Phishing Campaigns Fuel Compiled AutoIt Malware Distribution

Phishing Campaigns Fuel Compiled AutoIt Malware Distribution

Threat Group: Various (including XLoader, SnakeKeylogger, RedLine, AgentTesla, RemcosRAT) Threat Type: Multi-Functional Malware via Phishing Campaigns Exploited Vulnerabilities: None specific; relies on social engineering for initial infection Malware Used: AutoIt Compile Malware (XLoader, SnakeKeylogger, RedLine, AgentTesla, RemcosRAT) Threat Score: High (8.7/10) – Due to the rapid increase in distribution

macOS Users Targeted by the New Variant of Banshee Infostealer

macOS Users Targeted by the New Variant of Banshee Infostealer

Threat Group: Unknown Threat Type: Information Stealer (Infostealer) Exploited Vulnerabilities: No specific vulnerabilities exploited; relies on social engineering and phishing tactics Malware Used: Banshee Stealer Threat Score: High (8.5/10) – Due to its advanced evasion techniques, targeting of macOS systems, and comprehensive data theft capabilities. Last Threat Observation: January

Advanced Evasion Techniques Used by NonEuclid RAT

Advanced Evasion Techniques Used by NonEuclid RAT

Threat Group: Developer unknown, promoted by underground forums and individual actors Threat Type: Remote Access Trojan (RAT) Exploited Vulnerabilities: Privilege escalation, outdated security patches, and social engineering Malware Used: NonEuclid RAT Threat Score: High (9.0/10) – Advanced persistence, ransomware capabilities, and widespread appeal within cybercrime circles Last Threat Observation:

REF5961 Group Deploys EAGERBEE Backdoor Against Critical Sectors

REF5961 Group Deploys EAGERBEE Backdoor Against Critical Sectors

Threat Group: REF5961 Threat Type: Backdoor Malware Exploited Vulnerabilities: Potential exploitation of Microsoft Exchange ProxyLogon (CVE-2021-26855) Malware Used: EAGERBEE, RUDEBIRD, DOWNTOWN Threat Score: High (8.5/10) – Due to its focus on critical infrastructure, advanced evasion techniques, and persistent access capabilities. Last Threat Observation: January 7, 2025 Overview EAGERBEE is

Threat Surge as Lumma Stealer Expands Its Reach

Threat Surge as Lumma Stealer Expands Its Reach

Threat Group: Lumma (operated by "Shamel") Threat Type: Information Stealer (Malware-as-a-Service) Exploited Vulnerabilities: No specific vulnerabilities; relies on social engineering and deceptive tactics Malware Used: Lumma Stealer (also known as LummaC2) Threat Score: High (8.5/10) – Due to its advanced evasion techniques, broad targeting capabilities, and widespread

IoT Devices Under Fire by FICORA and CAPSAICIN

IoT Devices Under Fire by FICORA and CAPSAICIN

Threat Group: Unattributed Threat Type: IoT-Based Botnets Exploited Vulnerabilities: D-Link HNAP Interface Flaws (CVE-2015-2051, CVE-2019-10891, CVE-2022-37056, CVE-2024-33112) Malware Used: Mirai Variant "FICORA", Kaiten Variant "CAPSAICIN" Threat Score: High (8.7/10) – Due to the exploitation of widely deployed IoT devices and the potential for large-scale Distributed