9 matches found
Socks5Systemz Proxy Botnet Infects 10,000 Systems
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A sophisticated proxy botnet known as Socks5Systemz has insidiously infiltrated over 10,000 computers by employing the PrivateLoader and Amadey malware loaders. The masterminds behind this botnet offer...
Discord: A Playground for Nation-State Hackers Targeting Critical Infrastructure
In what's the latest evolution of threat actors abusing legitimate infrastructure for nefarious ends, new findings show that nation-state hacking groups have entered the fray in leveraging the social platform for targeting critical infrastructure. Discord, in recent years, has become a lucrative...
CopperStealer Malware Crew Resurfaces with New Rootkit and Phishing Kit Modules
The threat actors behind the CopperStealer malware resurfaced with two new campaigns in March and April 2023 that are designed to deliver two novel payloads dubbed CopperStealth and CopperPhish. Trend Micro is tracking the financially motivated group under the name Water Orthrus. The adversary is...
PrivateLoader PPI Service Found Distributing Info-Stealing RisePro Malware
The pay-per-install PPI malware downloader service known as PrivateLoader is being used to distribute a previously documented information-stealing malware dubbed RisePro. Flashpoint spotted the newly identified stealer on December 13, 2022, after it discovered "several sets of logs" exfiltrated...
Researchers Find Link b/w PrivateLoader and Ruzki Pay-Per-Install Services
Cybersecurity researchers have exposed new connections between a widely used pay-per-install PPI malware service known as PrivateLoader and another PPI platform offered by a cybercriminal actor dubbed ruzki. "The threat actor ruzki aka les0k, zhigalsz advertises their PPI service on underground...
Hackers Using PrivateLoader PPI Service to Distribute New NetDooka Malware
A pay-per-install PPI malware service known as PrivateLoader has been spotted distributing a "fairly sophisticated" framework called NetDooka, granting attackers complete control over the infected devices. "The framework is distributed via a pay-per-install PPI service and contains multiple parts...
NetDooka Framework Distributed via PrivateLoader Malware as Part of Pay-Per-Install Service
This report focuses on the components and infection chain of the NetDooka framework. Its scope ranges from the release of the first payload up until the release of the final RAT that is protected by a kernel driver...
Malware families using Pay-Per-Install service to expand targets
By Owais Sultan The PrivateLoader is a Pay-Per-Install malware PPI that delivers a wide variety of malware. Including Vidar, Raccoon, Redline,… This is a post from HackRead.com Read the original post: Malware families using Pay-Per-Install service to expand targets...
Several Malware Families Using Pay-Per-Install Service to Expand Their Targets
A detailed examination of a Pay-per-install PPI malware service called PrivateLoader has revealed its crucial role in the delivery of a variety of malware such as SmokeLoader, RedLine Stealer, Vidar, Raccoon, and GCleaner since at least May 2021. Loaders are malicious programs used for loading...