A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
Vulnerable Fortinet Devices: Low-hanging Fruit for Threat Actors
Cyble analyzes the increasing incidences of vulnerabilities in Fortinet, highlighting the impact they have on Critical Infrastructure.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
Cyble — Demystifying Money Message Ransomware
CRIL analyses the anatomy of a new ransomware group named Money Message, which can encrypt network shares and target both Windows and Linux.
Cyble — Cl0p Ransomware: Active Threat Plaguing Businesses Worldwide
Cyble Research & Intelligence Labs analyzes Cl0p ransomware which is rapidly gaining attention for its success in extorting businesses.
‘InTheBox’ Web Injects Targeting Android Banking Applications Worldwide
Cyble analyzes 'InTheBox' as part of its thorough research on Web Injects and their role in targeting Android Banking applications worldwide,
New YouTube Bot Malware Spotted Stealing User’s Sensitive Information
New YouTube Bot Malware Spotted Stealing User’s Sensitive Information
Pure coder offers multiple malware for sale in Darkweb forums
Italians Users Targeted By PureLogs Stealer Through Spam Campaigns
New Ransomware Strains Emerging from Leaked Conti’s Source Code
Cyble Research and Intelligence Labs analyzes multiple ransomware strains created based on leaked source code of Conti Ransomware.
Mallox Ransomware showing signs of Increased Activity
“TargetCompany” is a type of ransomware that was first identified in June 2021. The researchers named it TargetCompany ransomware because it adds the targeted company name as a file extension to the encrypted files. In September 2022, researchers identified a TargetCompany ransomware variant targeting Microsoft SQL servers and adding the “Fargo” extension to the encrypted files. TargetCompany ransomware is also known to add a “Mallox” extension after encrypting the files.
AXLocker, Octocrypt, and Alice: Leading a new wave of Ransomware Campaigns
Cyble analyzes a new wave of ransomware attacks being led by AXLocker, Octocrypt, and Alice ransomware and how they target Discord tokens.
Cyble Phishing ERMAC Android Malware Increasingly Active
CRIL Investigates the resurgence of ERMAC Android Malware as an increasing number of users are falling prey to their phishing attacks.
Fake Ransomware Infection Under widespread
Cyble Research and Intelligence Labs analyzes Fake ransomware, a destructive malware capable of wiping out system drives.
Bumblebee Returns with New Infection Technique
Delivers Payload Using Post Exploitation Framework During our routine threat-hunting exercise, Cyble Research & Intelligence Labs (CRIL) came across a Twitter post wherein a researcher mentioned an interesting infection chain of the Bumblebee loader malware being distributed via spam campaigns. Bumblebee is a replacement for the BazarLoader malware, which acts as a downloader and delivers known attack frameworks and open-source tools such as Cobalt Strike, Shellcode, Sliver, Meterpreter, etc. It also downloads other types of malware such as ransomware, trojans, etc.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
Cyble — Demystifying Money Message Ransomware
CRIL analyses the anatomy of a new ransomware group named Money Message, which can encrypt network shares and target both Windows and Linux.
Cyble — Cl0p Ransomware: Active Threat Plaguing Businesses Worldwide
Cyble Research & Intelligence Labs analyzes Cl0p ransomware which is rapidly gaining attention for its success in extorting businesses.
‘InTheBox’ Web Injects Targeting Android Banking Applications Worldwide
Cyble analyzes 'InTheBox' as part of its thorough research on Web Injects and their role in targeting Android Banking applications worldwide,
New YouTube Bot Malware Spotted Stealing User’s Sensitive Information
New YouTube Bot Malware Spotted Stealing User’s Sensitive Information
Pure coder offers multiple malware for sale in Darkweb forums
Italians Users Targeted By PureLogs Stealer Through Spam Campaigns
New Ransomware Strains Emerging from Leaked Conti’s Source Code
Cyble Research and Intelligence Labs analyzes multiple ransomware strains created based on leaked source code of Conti Ransomware.
Mallox Ransomware showing signs of Increased Activity
“TargetCompany” is a type of ransomware that was first identified in June 2021. The researchers named it TargetCompany ransomware because it adds the targeted company name as a file extension to the encrypted files. In September 2022, researchers identified a TargetCompany ransomware variant targeting Microsoft SQL servers and adding the “Fargo” extension to the encrypted files. TargetCompany ransomware is also known to add a “Mallox” extension after encrypting the files.
AXLocker, Octocrypt, and Alice: Leading a new wave of Ransomware Campaigns
Cyble analyzes a new wave of ransomware attacks being led by AXLocker, Octocrypt, and Alice ransomware and how they target Discord tokens.
Cyble Phishing ERMAC Android Malware Increasingly Active
CRIL Investigates the resurgence of ERMAC Android Malware as an increasing number of users are falling prey to their phishing attacks.
Fake Ransomware Infection Under widespread
Cyble Research and Intelligence Labs analyzes Fake ransomware, a destructive malware capable of wiping out system drives.
Bumblebee Returns with New Infection Technique
Delivers Payload Using Post Exploitation Framework During our routine threat-hunting exercise, Cyble Research & Intelligence Labs (CRIL) came across a Twitter post wherein a researcher mentioned an interesting infection chain of the Bumblebee loader malware being distributed via spam campaigns. Bumblebee is a replacement for the BazarLoader malware, which acts as a downloader and delivers known attack frameworks and open-source tools such as Cobalt Strike, Shellcode, Sliver, Meterpreter, etc. It also downloads other types of malware such as ransomware, trojans, etc.