Malware - Cybersec Sentinel (Page 7)

Malware

A collection of 158 posts

The New Ransomware Menace Vgod Gains Momentum

The New Ransomware Menace Vgod Gains Momentum

Threat Group – Vgod Crew Threat Type – Ransomware Exploited Vulnerabilities – Unpatched remote code execution flaws, vulnerabilities in VPNs, weak passwords Malware Used – Vgod Ransomware, Custom Trojanized Toolsets Threat Score – High (8.7 out of 10) – Reflecting advanced encryption, double extortion tactics, cross-platform targeting, and alignment with broader ransomware trends Last Threat

Google Calendar Vulnerability Exposes Users to Phishing

Google Calendar Vulnerability Exposes Users to Phishing

Threat Group: - Unknown Threat Actors Threat Type: - Phishing/Malware Distribution Exploited Vulnerabilities: - Social engineering via calendar invitations Malware Used: - Various malware strains delivered through phishing links Threat Score: - Medium (7.2/10) – Exploits user trust in a widely used platform and bypasses traditional email security.

FINALDRAFT Malware Abuses Microsoft Services Stay One Step Ahead

FINALDRAFT Malware Abuses Microsoft Services Stay One Step Ahead

Threat Group: REF7707 Threat Type: Remote Access Trojan (RAT) Exploited Vulnerabilities: Abuse of Microsoft Graph API, Credential Theft via NTLM Hashes Malware Used: FINALDRAFT, PATHLOADER Threat Score: High (8.5/10) – Due to its advanced evasion techniques, use of legitimate cloud-based services for C2 communication, and its ability to compromise

SystemBC RAT Poses New Risks to Linux System

SystemBC RAT Poses New Risks to Linux System

Threat Group: Various Cybercriminal Groups Threat Type: Remote Access Trojan (RAT) and Proxy Malware Exploited Vulnerabilities: No specific vulnerabilities exploited; relies on various propagation methods Malware Used: SystemBC (also known as Coroxy or DroxiDat) Threat Score: High (8.5/10) – Due to its cross-platform targeting capabilities, advanced evasion techniques, and

LegionLoader Malware Expands Global Reach

LegionLoader Malware Expands Global Reach

Threat Group: Unknown Threat Type: Downloader Malware Exploited Vulnerabilities: Various, including drive-by downloads and malicious browser extensions Malware Used: LegionLoader (also known as Satacom, RobotDropper, CurlyGate) Threat Score: High (8.5/10) – Due to its evolving capabilities, use of legitimate platforms for distribution, and focus on cryptocurrency theft. Last Threat

FERRET Malware Targets macOS in Sophisticated North Korean Attacks

FERRET Malware Targets macOS in Sophisticated North Korean Attacks

Threat Group: Lazarus Group (also known as Andariel, APT38, Hidden Cobra) Threat Type: Advanced Persistent Threat (APT) Exploited Vulnerabilities: Social engineering tactics, including spear-phishing and fake job lures Malware Used: FERRET Malware Family (including variants such as FlexibleFerret, InvisibleFerret, BeaverTail) Threat Score: High (8.5/10) – Due to its sophisticated

Astral Stealer Strikes Again Stealing More Than Just Your Cookies

Astral Stealer Strikes Again Stealing More Than Just Your Cookies

Threat Type: Information Stealer Exploited Vulnerabilities: No specific vulnerabilities exploited; relies on user execution and social engineering tactics. Malware Used: Astral Stealer Threat Score: High (9.0/10) Last Threat Observation: January 31, 2025 Overview Astral Stealer is an advanced information-stealing malware designed to extract sensitive data from compromised systems.

From Stealers to Ransomware PureCrypter Delivers It All

From Stealers to Ransomware PureCrypter Delivers It All

Threat Group: - Unknown (Distributed by cybercriminals through various malware-as-a-service campaigns) Threat Type: - Malware Loader Exploited Vulnerabilities: - Primarily relies on phishing emails with malicious attachments or links Malware Used: - PureCrypter Threat Score: - High (8.2/10) – Due to its ability to deliver multiple malware strains and

Murdoc Botnet Threatens IoT Security Worldwide

Murdoc Botnet Threatens IoT Security Worldwide

Threat Group: - Murdoc Botnet Threat Type: - Botnet / Malware Exploited Vulnerabilities: - CVE-2024-7029, CVE-2017-17215 Malware Used: - Murdoc Botnet Variant of Mirai Threat Score: - High (8.7/10) – Due to its exploitation of IoT vulnerabilities and rapid global spread. Last Threat Observation: - January 2025 Overview The Murdoc

InvisibleFerret Malware Leveraging Python for Targeted Attacks

InvisibleFerret Malware Leveraging Python for Targeted Attacks

Threat Group: North Korean Threat Actors (e.g., Lazarus Group) Threat Type: Backdoor Malware Exploited Vulnerabilities: None (Relies on social engineering and malicious delivery) Malware Used: InvisibleFerret (Python-based backdoor), BeaverTail (JavaScript-based stealer and loader) Threat Score: High (8.8/10) – High impact due to complex multi-stage infection and data exfiltration