Month: August 2019

More than 400 Dental Offices Suffers Sodinokibi Ransomware Attack

Delaware, USA – August 30, 2019 – Last weekend, another large-scale ransomware attack targeting US companies took place, and it seems that average ransom payment will once again shoot upwards this quarter. Adversaries compromised PercSoft, a cloud management provider for Digital Dental Record, who provides online data backup service archiving medical records and other information […]

Read More
New TrickBot Modules Collect Data to Perform SIM Swapping Attacks

Delaware, USA – August 29, 2019 – Not only MegaCortex ransomware gained new features over this summer preparing to autumn campaigns. During August, Trickbot sequentially received three modules to attack users of US-based mobile carriers: Verizon Wireless, T-Mobile, and Sprint. SecureWorks researchers discovered that new trojan versions harvest PIN code of these operators when a […]

Read More
New Details on Hexane Group Campaigns

Delaware, USA – August 28, 2019 – New details of Hexane group operations show how proven techniques and tools, as well as some custom malware pieces, allow the threat actor to effectively attack oil and gas companies in the Middle East. The cybersecurity company Dragos Inc was the first to report the group after they […]

Read More
Emotet Botnet Comes Back From Summer Vacation

Delaware, USA – August 27, 2019 – Emotet botnet like a relic monster of cyberspace has woken up and is preparing to strike a new blow. Earlier this year, the known command-and-control infrastructure of the botnet disappeared from researchers’ radars, presumably for maintenance and modification. As expected, this did not last too long, and on […]

Read More
Asruex Backdoor Spreads via Infected Documents

Delaware, USA – August 23, 2019 – DarkHotel group (aka APT-C-06) modified Asruex backdoor, adding the capability of infecting PDFs, Word documents, and executables to spread infection within a targeted organization. The group is known for its stealth attacks, sophisticated techniques, and access to zero-day vulnerabilities, even more interesting is a fresh sample of their […]

Read More
NanoCore RAT is Offered for Free on a DarkNet Forum

Delaware, USA – August 22, 2019 – The fresh version of NanoCore RAT emerged on an underground forum despite the fact that its author is sentenced to 33 months imprisonment. LMNTRIX Labs discovered a relatively new version of the trojan with modifications, which is available to any user of the forum. Nanocore has been used […]

Read More
Silence Group Includes Fileless Tools In Their Arsenal

Delaware, USA – August 21, 2019 – In the three years since its inception, the financially motivated Silence group has stolen more than $4 million from banks located in Europe, Asia, Africa, and Latin America. In 2016, the group consisted of supposedly two people and effectively operated exclusively within the CIS. This spring, Silence group […]

Read More
Malspam Campaign Delivers Adwind RAT to the Companies from the Utility Industry

Delaware, USA – August 20, 2019 – The new campaign focuses on national grid utilities infrastructure. Unknown attackers sent spam emails from the compromised account of Friary Shoes employee, which successfully bypassed email filters of companies from the utilities sector. Cofense researchers analyzed malicious emails and discovered domain registered on August, 3 to host Adwind […]

Read More
Ransomware Attack Disables 23 Government Agencies in Texas

Delaware, USA – August 19, 2019 – The Texas Department of Information Resources reported a coordinated ransomware attack on Government Agencies. The attack occurred on Friday, August 16, at least 23 agencies were hit by ransomware, most of which are smaller local governments. The list of victims has not yet been disclosed, but the report […]

Read More
DanaBot Follows the Pass of Emotet and Trickbot Malware

Delaware, USA – August 16, 2019 – DanaBot banking Trojan continues to attack European countries. Webroot discovered a new campaign that targeted German users. DanaBot appeared about a year and a half ago, and in the first months, all campaigns were aimed only at Australia. In the fall, malware authors entered the world market, several […]

Read More