threatintel

New Cryptojacking Operation Targeting Kubernetes Clusters for Dero Mining

March 15, 2023

Cybersecurity researchers have discovered the first-ever illicit cryptocurrency mining campaign used to mint Dero since the start of February 2023....

YoroTrooper Stealing Credentials and Information from Government and Energy Organizations

March 15, 2023

A previously undocumented threat actor dubbed YoroTrooper has been targeting government, energy, and international organizations across Europe as part of...

Tick APT Targeted High-Value Customers of East Asian Data-Loss Prevention Company

March 15, 2023

A cyberespionage actor known as Tick has been attributed with high confidence to a compromise of an East Asian data-loss...

Malware Analysis – djvu – b01a1b1c19436e4c9c7ba4c8050cf01d

March 15, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: b01a1b1c19436e4c9c7ba4c8050cf01dSHA1: a8ea730e1acc73846b478447333d915efa5eb974ANALYSIS DATE: 2023-03-15T09:10:59ZTTPS: T1005, T1081, T1012, T1053,...

Malware Analysis – discovery – daad86ad18d95c4439cbc00e1c717128

March 15, 2023

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: daad86ad18d95c4439cbc00e1c717128SHA1: 089dccbb5bc3ab13481ca73803ba4af8a45bae7bANALYSIS DATE: 2023-03-15T09:09:23ZTTPS: T1012, T1060, T1082, T1112, T1042 ScoreMeaningExample10Known badA malware family...

Malware Analysis – amadey – 0ca5cd39526bb33fca90e5cdf0d0ac5d

March 15, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:pseudomanuscrypt, family:rhadamanthys, family:smokeloader, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, botnet:pub1, botnet:sprg, backdoor, discovery, loader, persistence, ransomware, spyware, stealer,...

Malware Analysis – ransomware – df4ccdcc93d82240feeb83abf41683d7

March 15, 2023

Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: df4ccdcc93d82240feeb83abf41683d7SHA1: 0d48b5dc98e65ceed2a99448a8df3e2f4702250aANALYSIS DATE: 2023-03-15T09:11:36ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – discovery – 3b02025002ceb06c4ce1c9c778232664

March 15, 2023

Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, evasion, exploit, persistenceMD5: 3b02025002ceb06c4ce1c9c778232664SHA1: 2aeb8b0adb9cc4f198a9f4d907a28ffd2961caf5ANALYSIS DATE: 2023-03-15T10:51:32ZTTPS: T1031, T1562, T1489, T1012, T1112, T1082, T1222, T1060...

Malware Analysis – djvu – 5b5166499d4e1bae9260f07e2a6b7425

March 15, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 5b5166499d4e1bae9260f07e2a6b7425SHA1: ad20dadfb4af16d2f7cafa0777652d0fd7bd4ad0ANALYSIS DATE: 2023-03-15T10:27:07ZTTPS: T1222, T1082, T1012, T1053,...

Malware Analysis – amadey – 3fa6103e5d25ff85e7dfe9e61d2b1d2a

March 15, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, botnet:pub1, botnet:sprg, backdoor, discovery, persistence, ransomware, stealer, trojanMD5: 3fa6103e5d25ff85e7dfe9e61d2b1d2aSHA1: 1a8fd33ce1a619beee47b2798dcfbeadbcd17419ANALYSIS DATE:...

Malware Analysis – djvu – 198676e50dabce25f8bdb7f6e1ecbec9

March 15, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 198676e50dabce25f8bdb7f6e1ecbec9SHA1: 79973d12b610dc0787260180b368487d3ce67213ANALYSIS DATE: 2023-03-15T11:45:06ZTTPS: T1130, T1112, T1060, T1053,...

Malware Analysis – djvu – 70d66d43809da468071f45d812aac404

March 15, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 70d66d43809da468071f45d812aac404SHA1: cba1c347b410a77c8ff3066052d870a8f1505c4cANALYSIS DATE: 2023-03-15T11:22:06ZTTPS: T1012, T1082, T1005, T1081,...

Malware Analysis – smokeloader – 1cb2590e0e278ac08f7b350e278d02be

March 15, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 1cb2590e0e278ac08f7b350e278d02beSHA1: d31d69d7e761ef7ef59c57703d8337a2df800693ANALYSIS DATE: 2023-03-15T11:41:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising

March 15, 2023

A fake ChatGPT-branded Chrome browser extension has been found to come with capabilities to hijack Facebook accounts and create rogue...

Large-scale Cyber Attack Hijacks East Asian Websites for Adult Content Redirects

March 15, 2023

A widespread malicious cyber operation has hijacked thousands of websites aimed at East Asian audiences to redirect visitors to adult-themed...

How to Apply NIST Principles to SaaS in 2023

March 15, 2023

The National Institute of Standards and Technology (NIST) is one of the standard-bearers in global cybersecurity. The U.S.-based institute's cybersecurity...

Warning: AI-generated YouTube Video Tutorials Spreading Infostealer Malware

March 15, 2023

Threat actors have been increasingly observed using AI-generated YouTube Videos to spread a variety of stealer malware such as Raccoon,...

GoBruteforcer: New Golang-Based Malware Breaches Web Servers Via Brute-Force Attacks

March 15, 2023

A new Golang-based malware dubbed GoBruteforcer has been found targeting web servers running phpMyAdmin, MySQL, FTP, and Postgres to corral...

Microsoft Rolls Out Patches for 80 New Security Flaws — Two Under Active Attack

March 15, 2023

Microsoft's Patch Tuesday update for March 2023 is rolling out with remediations for a set of 80 security flaws, two...

Fortinet FortiOS Flaw Exploited in Targeted Cyberattacks on Government Entities

March 15, 2023

Government entities and large organizations have been targeted by an unknown threat actor by exploiting a security flaw in Fortinet...

The Prolificacy of LockBit Ransomware

March 15, 2023

Today, the LockBit ransomware is the most active and successful cybercrime organization in the world. Attributed to a Russian Threat...

Microsoft Warns of Large-Scale Use of Phishing Kits to Send Millions of Emails Daily

March 15, 2023

An open source adversary-in-the-middle (AiTM) phishing kit has found a number of takers in the cybercrime world for its ability...

Malware Analysis – – 03272cfc7159f032e97bc1a792895115

March 15, 2023

Score: 7 MALWARE FAMILY: TAGS:MD5: 03272cfc7159f032e97bc1a792895115SHA1: 96c28d99e70beff0c5d4f86005d7273230e3f9a4ANALYSIS DATE: 2023-03-15T03:03:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...

Malware Analysis – djvu – db8b00bc6ed976ed0fe41f358669ea76

March 15, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: db8b00bc6ed976ed0fe41f358669ea76SHA1: d0f4b3244c98e04c9d53d3ddb5588e3b8cedcbb7ANALYSIS DATE: 2023-03-15T03:23:04ZTTPS: T1012, T1005, T1081, T1082,...

threatintel

New Cryptojacking Operation Targeting Kubernetes Clusters for Dero Mining

YoroTrooper Stealing Credentials and Information from Government and Energy Organizations

Tick APT Targeted High-Value Customers of East Asian Data-Loss Prevention Company

Malware Analysis – djvu – b01a1b1c19436e4c9c7ba4c8050cf01d

Malware Analysis – discovery – daad86ad18d95c4439cbc00e1c717128

Malware Analysis – amadey – 0ca5cd39526bb33fca90e5cdf0d0ac5d

Malware Analysis – ransomware – df4ccdcc93d82240feeb83abf41683d7

Malware Analysis – discovery – 3b02025002ceb06c4ce1c9c778232664

Malware Analysis – djvu – 5b5166499d4e1bae9260f07e2a6b7425

Malware Analysis – amadey – 3fa6103e5d25ff85e7dfe9e61d2b1d2a

Malware Analysis – djvu – 198676e50dabce25f8bdb7f6e1ecbec9

Malware Analysis – djvu – 70d66d43809da468071f45d812aac404

Malware Analysis – smokeloader – 1cb2590e0e278ac08f7b350e278d02be

Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising

Large-scale Cyber Attack Hijacks East Asian Websites for Adult Content Redirects

How to Apply NIST Principles to SaaS in 2023

Warning: AI-generated YouTube Video Tutorials Spreading Infostealer Malware

GoBruteforcer: New Golang-Based Malware Breaches Web Servers Via Brute-Force Attacks

Microsoft Rolls Out Patches for 80 New Security Flaws — Two Under Active Attack

Fortinet FortiOS Flaw Exploited in Targeted Cyberattacks on Government Entities

The Prolificacy of LockBit Ransomware

Microsoft Warns of Large-Scale Use of Phishing Kits to Send Millions of Emails Daily

Malware Analysis – – 03272cfc7159f032e97bc1a792895115

Malware Analysis – djvu – db8b00bc6ed976ed0fe41f358669ea76

[QILIN] – Ransomware Victim: Culver’s Lawn & Landscape, Inc[.]

[PAYOUTSKING] – Ransomware Victim: T****n

[PAYOUTSKING] – Ransomware Victim: G*****

CVE Alert: CVE-2025-7514

CVE Alert: CVE-2025-7513

You may have missed