Over the last two weeks, we saw that “from the beginning of 2022, we have dealt with six different strains of wiper malware targeting Ukraine: WhisperKill, WhisperGate, HermeticWiper, IsaacWiper, CaddyWiper, and DoubleZero. These attacks are notable on their own. But there’s been an elephant in the room by way of the rumored ‘satellite modem hack’. This particular attack goes beyond Ukraine.”
For more articles, check out our #onpatrol4malware blog.
Not So Lazarus: Mapping DPRK Cyber Threat Groups to Government Organizations
Source: MANDIANT
Mandiant believes that North Korea’s cyber capability supports both long-standing and immediate political and national security priorities, as well as financial goals. Read more.
Phishing-kit market: what’s inside “off-the-shelf†phishing packages
Source: SecureList Kaspersky
Phishing kits are ready-to-deploy packages that require the bare minimum effort to use. Moreover, their developers usually provide instructions with their products for inexperienced attackers. Read more.
AcidRain | A Modem Wiper Rains Down on Europe
Source: SentinelLabs
From the beginning of 2022, we have dealt with six different strains of wiper malware targeting Ukraine: WhisperKill, WhisperGate, HermeticWiper, IsaacWiper, CaddyWiper, and DoubleZero. Read more.
Remote Access Trojan Capable Of Conducting Ransomware & DDOS Activities
Source: CYBLE
During our regular OSINT research, Cyble Research Labs came across a new RAT named Borat. Unlike other RATs, the Borat provides Ransomware, DDOS, etc., to Threat Actors along with usual RAT features, further expanding the malware capabilities. Read more.
New UAC-0056 activity: There’s a Go Elephant in the room
Source: Malwarebytes LABS
In late March 2022, the Malwarebytes Threat Intelligence Team identified new activity from this group that targeted several entities in Ukraine, including ICTV, a private TV channel. Read more.