Malware - Cybersec Sentinel (Page 4)

Malware

A collection of 88 posts

Ymir and RustyStealer Malware Duo Escalates Cyber Threat Landscape

Ymir and RustyStealer Malware Duo Escalates Cyber Threat Landscape

Threat Group: Unidentified Threat Actor Threat Type: Ransomware, Info-Stealer Exploited Vulnerabilities: Common file encryption mechanisms, credential theft techniques Malware Used: Ymir Ransomware, RustyStealer Threat Score: High (8.2/10) — Due to its dual-impact functionality that combines data theft with ransomware encryption. Last Threat Observation: November 10, 2024 Overview A newly

Advanced Malware SteelFox Uses Windows Vulnerabilities for System Access

Advanced Malware SteelFox Uses Windows Vulnerabilities for System Access

Threat Group: Unknown Threat Type: Crimeware Bundle (Information Stealer and Cryptominer) Exploited Vulnerabilities: CVE-2020-14979, CVE-2021-41285 Malware Used: SteelFox Threat Score: High (8.5/10) — Due to advanced privilege escalation, data theft, and cryptocurrency mining techniques. Last Threat Observation: November 2024 Overview SteelFox is a sophisticated malware campaign that combines information-stealing

AndroxGh0st Malware Evolves to Target IoT and Critical Infrastructure

AndroxGh0st Malware Evolves to Target IoT and Critical Infrastructure

Threat Group: Unknown Threat Type: Malware/Botnet Exploited Vulnerabilities: CVE-2017-9841, CVE-2018-15133, CVE-2021-41773 Malware Used: AndroxGh0st Threat Score: High (8.5/10) — Due to its focus on critical infrastructure, advanced exploitation techniques, and integration with other botnets. Last Threat Observation: November 8 Overview AndroxGh0st is a Python-based malware that has evolved

Remcos RAT Malware Campaign Poses Persistent Threat to Windows Users

Remcos RAT Malware Campaign Poses Persistent Threat to Windows Users

Cybersec Sentinel November 9, 2024 Threat Group: Various Cybercriminal Entities Threat Type: Remote Access Trojan (RAT) Exploited Vulnerabilities: Phishing emails, CVE-2017-0199, multi-layer obfuscation Malware Used: Remcos RAT Threat Score: Medium Last Threat Observation: November 9, 2024 Overview Remcos RAT, a commercial RAT initially marketed as a legitimate tool for remote

Winos4.0 RAT Targets Gamers and Educational Institutions in New Malware Campaign

Winos4.0 RAT Targets Gamers and Educational Institutions in New Malware Campaign

Threat Group: Unknown Threat Type: Remote Access Trojan (RAT) Exploited Vulnerabilities: Social engineering through gaming-related applications targeting Windows Malware Used: Winos4.0 Threat Score: High (8.5/10) — due to its sophisticated evasion, control functions, and targeting of gaming and educational sectors Last Threat Observation: November 6, 2024, by FortiGuard

APT36 Goes Cloudy ElizaRAT Puts Indian Systems in the Crosshairs

APT36 Goes Cloudy ElizaRAT Puts Indian Systems in the Crosshairs

Threat Group: APT36 (Transparent Tribe) Threat Type: Remote Access Trojan (RAT) Exploited Vulnerabilities: Windows, Linux-based espionage with cloud-based C2 communication Malware Used: ElizaRAT, ApoloStealer Threat Score: High (8.8/10) — Enhanced evasion and control tactics, leveraging multiple cloud services for concealment Last Threat Observation: November 2024 (AlienVault, Check Point Research)

SYS01 Malware Exploits Meta Business Ads to Steal Credentials

SYS01 Malware Exploits Meta Business Ads to Steal Credentials

Threat Overview Threat Group: Unknown, suspected Rilide malware affiliates Threat Type: Infostealer Malware Exploited Vulnerabilities: Browser credential storage, Facebook account access, Windows Task Scheduler Malware Used: SYS01 Infostealer Threat Score: High (8.5/10) — Due to sophisticated targeting of widely-used platforms, persistent evasion tactics, and expansive reach Last Threat Observation:

GHOSTPULSE Infiltration via MSIX Application Packages

GHOSTPULSE Infiltration via MSIX Application Packages

Threat Group: Unknown Threat Type: Multi-stage Malware Loader Exploited Vulnerabilities: DLL Side-loading, Module Stomping, Process Doppelgänging Malware Used: GHOSTPULSE Threat Score: High (8.5/10) — Due to advanced evasion techniques and targeting of commonly used software through deceptive MSIX packages. Last Threat Observation: October 30, 2024 Overview GHOSTPULSE is a

Espionage and Influence Meet Malware in UNC5812's Campaign Against Ukraine

Espionage and Influence Meet Malware in UNC5812's Campaign Against Ukraine

Threat Group: UNC5812 Threat Type: Hybrid Espionage and Influence Operation Exploited Vulnerabilities: Android and Windows vulnerabilities, including CVE-2024-47575 Malware Used: SUNSPINNER, PURESTEALER, CRAXSRAT, Pronsis Loader Threat Score: High (8.5/10) — due to multifaceted espionage and influence tactics targeting military sectors. Last Threat Observation: October 29, 2024 Overview UNC5812, a