| ID | Votes | Profile Description |
|---|---|---|
| Lumma | 10 | Lumma is a prominent malware, particularly known as an information stealer. It is delivered through various means, including suspicious downloads, emails, and websites. In one instance observed by Palo Alto Networks’ Unit 42, Lumma was sent over Latrodectus C2 in an infection chain. In another campa |
| Lummac2 Stealer | 1 | LummaC2 Stealer is a prominent malware that has been increasingly utilized for initial access or information stealing over the past year. This malicious software, which can infiltrate systems through suspicious downloads, emails, or websites, is designed to exploit and damage computers or devices by |
| Latrodectus | 1 | Latrodectus, a new type of malware discovered in late 2023, is being used by Initial Access Brokers (IABs) in email threat campaigns. Initially mistaken for a variant of the well-known IcedID malware due to similar characteristics, researchers at Proofpoint and Team Cymru S2 Threat Research Team hav |
| Lummac2 | 1 | LummaC2 is a relatively new information-stealing malware, first discovered in 2022. The malicious software has been under active development, with researchers identifying LummaC2 4.0 as a dynamic malware strain in November 2023. It's been used by threat actors for initial access or data theft, often |
| Jupyter Infostealer | 1 | The Jupyter Infostealer, also known as Yellow Cockatoo, SolarMarker, and Polazert, is a harmful malware that has been steadily evolving since 2020. This malicious software targets Chrome and Firefox browser data, exploiting and damaging systems it infiltrates. It can infect systems through suspiciou |
| Gozi | 1 | Gozi is a notorious malware that has been linked to numerous cyber attacks. It's typically delivered through sophisticated malvertising techniques, often used in conjunction with other initial access malware such as Pikabot botnet agent and IcedID information stealer. When an individual accesses a c |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Redline | Unspecified | 3 | RedLine is a malware designed to exploit and damage computer systems by stealing personal information, disrupting operations, or even holding data hostage for ransom. It has been identified as a favorite infostealer among threat actors selling logs through the marketplace 2easy, which also sells Rac |
| Redline Stealer | Unspecified | 3 | RedLine Stealer is a type of malware that has been causing significant disruption in the digital landscape. This malicious software infiltrates computer systems, often without the user's knowledge, via suspicious downloads, emails, or websites, and then proceeds to steal personal information, disrup |
| Magecart | Unspecified | 2 | Magecart is a consortium of malicious hacker groups known for their attacks on online shopping cart systems, specifically the Magento system, with the intent to steal customer payment card information. This malware, short for malicious software, can infiltrate systems through suspicious downloads, e |
| Mozi | Unspecified | 2 | Mozi is a type of malware, a malicious software designed to exploit and damage computer systems or devices. It can infiltrate systems via suspicious downloads, emails, or websites, often unbeknownst to the user. Once it gains access, Mozi has the potential to steal personal information, disrupt oper |
| Vidar | Unspecified | 2 | Vidar is a Windows-based malware written in C++, derived from the Arkei stealer, which is designed to infiltrate and exploit computer systems. It has been used alongside other malware variants such as Emotet, IcedID, CobaltStrike, SVCReady, CargoBay, Pushdo, Minodo, DiceLoader, AresLoader, LummaC2, |
| Netsupport Rat | Unspecified | 2 | NetSupport RAT is a type of malware that can significantly compromise an organization's digital security. Originally derived from the legitimate NetSupport Manager, a remote technical support tool, this malware infects systems through suspicious downloads, emails, or websites, often unbeknownst to t |
| Smoke Loader | Unspecified | 1 | Smoke Loader is a prominent type of malware identified by the SCPC SSSCIP, used in recent attacks primarily targeting Ukrainian organizations. This malicious software is often delivered via IPFS links by malware families such as Smoke Loader, XLoader, XMRig, and OriginLogger, disrupting operations a |
| Eugenloader | Unspecified | 1 | EugenLoader, also known as FakeBat, is a form of malware that was detected by Microsoft in mid-November 2023. It was distributed by an initial access broker known as Storm-1113 through search advertisements mimicking the Zoom app, with the malware delivered via bogus MSIX installers masquerading as |
| Netsupport Manager | Unspecified | 1 | NetSupport Manager is a malicious software (malware) that poses significant threats to computer systems and networks. It is often disguised as legitimate software or tools, such as the 7-zip compression utility or a fake Chrome browser update, to trick users into downloading and installing it. Once |
| Ursnif | Unspecified | 1 | Ursnif, also known as Gozi or ISFB, is a type of malware that poses significant threats to computer systems and user data. It's often distributed through suspicious downloads, emails, or websites, infiltrating systems without the user's knowledge. Once installed, Ursnif can steal personal informatio |
| Zloader | Unspecified | 1 | ZLoader is a type of malware, malicious software designed to exploit and damage computer systems. It can infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it has the capacity to steal personal information, disrupt operations, or even ho |
| Raccoon Stealer | Unspecified | 1 | Raccoon Stealer is a form of malware that was first identified in 2019. Developed by Russian-speaking coders and initially promoted on Russian-language hacking forums, the malicious software was designed to steal sensitive data from victims, including credit card information, email credentials, and |
| Rescoms | Unspecified | 1 | Rescoms, a malicious software (malware), has been widely used by threat actors in various information-stealing campaigns. According to an ESET report, the malware was distributed using Rugmi, which contains a downloader for the encrypted payload and two other loaders. The malware was used alongside |
| Mozi Botnet | Unspecified | 1 | The Mozi botnet, a form of malware, wreaked havoc on the internet from 2019 to 2023. During this period, it became the largest botnet in existence, incorporating over 1.5 million unique devices into its network. The botnet primarily exploited known vulnerabilities in NETGEAR DGN devices and JAWS web |
| Sectop Rat | Unspecified | 1 | None |
| Rhadamanthys | Unspecified | 1 | Rhadamanthys is a malicious software (malware) that has been leveraged by the threat actor group TA547 to target German organizations. The malware, which infiltrates systems through suspicious downloads, emails, or websites, can steal personal information, disrupt operations, or hold data for ransom |
| Amadey Loader | Unspecified | 1 | Amadey Loader is a type of malware, a malicious software designed to infiltrate and damage computer systems. It can stealthily enter systems through suspicious downloads, emails, or websites, and once inside, it can steal personal information, disrupt operations, or even hold data hostage for ransom |
| Vidar Stealer | Unspecified | 1 | Vidar Stealer is a prolific infostealer malware that operates on a malware-as-a-service model, sold through ads and forums on the dark web and Telegram groups. It's designed to exploit and damage computer systems by stealing personal information, disrupting operations, or holding data for ransom. Th |
| Aurora | Unspecified | 1 | Aurora is a type of malware designed to exploit and damage computer systems, often through suspicious downloads, emails, or websites. It has been used in a series of high-profile cyber-attacks over the years, with notable instances such as Operation Aurora in 2009, which targeted major technology co |
| Jupyter | Unspecified | 1 | Jupyter, also known as SolarMarker, Yellow Cockatoo, and Jupyter Infostealer, is a malware that has been steadily evolving since 2020. This malicious software targets sectors such as education, healthcare, and small to medium-sized enterprises (SMEs). It is designed to exploit and damage computer sy |
| Raccoon | Unspecified | 1 | Raccoon is a highly potent and cost-effective Malware-as-a-Service (MaaS) primarily sold on dark web forums, used extensively by Scattered Spider threat actors to pilfer sensitive data. As per the "eSentire Threat Intelligence Malware Analysis: Raccoon Stealer v2.0" report published on August 31, 20 |
| Netsupport | Unspecified | 1 | NetSupport is a malicious software (malware) that has been used in various cyberattacks, including the Royal Ransomware attack and assaults by former ITG23 members. It can infiltrate systems through suspicious downloads, emails, or websites and then steal personal information, disrupt operations, or |
| IcedID | Unspecified | 1 | IcedID is a malicious software (malware) designed to exploit and damage computer systems. It infects systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even hold data hostage for ransom |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Medusa | Unspecified | 1 | Medusa, a threat actor group, has been identified as a rising menace in the cybersecurity landscape, with its ransomware activities escalating significantly. In November 2023, Medusa and other groups like LockBit and ALPHV (BlackCat) exploited a zero-day vulnerability known as Citrix Bleed (CVE-2023 |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
No associations to display |
| Source | CreatedAt | Title |
|---|---|---|
| Checkpoint | 3 days ago | Stargazers Ghost Network - Check Point Research |
| Unit42 | 3 days ago | Accelerating Analysis When It Matters |
| ESET | 24 days ago | Hijacked: How hacked YouTube channels spread scams and malware |
| ESET | a month ago | ESET Threat Report H1 2024 |
| DARKReading | a month ago | Cut & Paste Tactics Import Malware to Unwitting Victims |
| Pulsedive | 2 months ago | Pulsedive Blog | Latrodectus Threat Research |
| InfoSecurity-magazine | 2 months ago | Russian Actors Weaponize Legitimate Services in Multi-Malware Attack |
| ESET | 3 months ago | Bitcoin scams, hacks and heists – and how to avoid them |
| Securityaffairs | 3 months ago | TA547 targets German organizations with Rhadamanthys malware |
| InfoSecurity-magazine | 4 months ago | YouTube Video Game ‘Hacks’ Contain Malware Links |
| CERT-EU | 5 months ago | Scammers Rake in $600K with Deepfakes and QR Codes | #youtubescams | #lovescams | #datingscams | #datingscams | #love | #relationships | #scams | #pof | #match.com | #dating | National Cyber Security Consulting |
| ESET | 6 months ago | ESET Research Podcast: ChatGPT, the MOVEit hack, and Pandora |
| CERT-EU | 6 months ago | YouTube Crypto Con: Scammers Rake in $600K with Deepfakes and QR Codes |
| CERT-EU | 6 months ago | Cyber Security Week In Review: January 12, 2024 |
| CERT-EU | 7 months ago | Active PikaBot loader malware deployment in spam campaigns reported |
| CERT-EU | 7 months ago | LockBit claims Capital Health attack |
| CERT-EU | 7 months ago | World Council of Churches subjected to ransomware attack |
| CERT-EU | 7 months ago | Crypto drainers spread via hijacked Netgear, Hyundai X accounts |
| CERT-EU | 7 months ago | New Silver RAT malware actively peddled to cybercriminals |
| CERT-EU | 7 months ago | Infostealers Abuse Google OAuth Endpoint to ‘Revive’ Cookies, Hijack Accounts |