Lucene search
K

6 matches found

The Hacker News
The Hacker News
added 2026/04/21 6:18 p.m.13 views

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

Threat actors associated with The Gentlemen ransomware‑as‑a‑service RaaS operation have been observed attempting to deploy a known proxy malware called SystemBC. According to new research published by Check Point, the command-and-control C2 or C&C server linked to SystemBC has led to the discover...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/24 6:36 a.m.54 views

New All-in-One "EvilExtractor" Stealer for Windows Systems Surfaces on the Dark Web

A new "all-in-one" stealer malware named EvilExtractor also spelled Evil Extractor is being marketed for sale for other threat actors to steal data and files from Windows systems. "It includes several modules that all work via an FTP service," Fortinet FortiGuard Labs researcher Cara Lin said. "I...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/18 9:5 a.m.52 views

Iranian Hackers Using SimpleHelp Remote Support Software for Persistent Access

The Iranian threat actor known as MuddyWater is continuing its time-tested tradition of relying on legitimate remote administration tools to commandeer targeted systems. While the nation-state group has previously employed ScreenConnect, RemoteUtilities, and Syncro, a new analysis from Group-IB h...

6.7AI score
Exploits0
hivepro
hivepro
added 2022/12/15 2:5 p.m.13 views

Mallox Ransomware is Ramping up its Operation

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Mallox ransomware strains have been spotted in the wild, indicating that the ransomware is operational, propagating rapidly, and infecting entities. An unknown .NET-based loader distributes these Mallox...

2.7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/11/03 5:40 p.m.54 views

Researchers Find Links b/w Black Basta Ransomware and FIN7 Hackers

A new analysis of tools put to use by the Black Basta ransomware operation has identified ties between the threat actor and the FIN7 aka Carbanak group. This link "could suggest either that Black Basta and FIN7 maintain a special relationship or that one or more individuals belong to both groups,...

7.5AI score
Exploits0
ThreatPost
ThreatPost
added 2021/06/16 12:4 p.m.33 views

Avaddon Ransomware Gang Evaporates Amid Global Crackdowns

Ransomware group Avaddon has decided to shutter its criminal enterprise after landing in the crosshairs of law-enforcement agencies in the U.S. and Australia. Avaddon, a prolific ransomware-as-a-service RaaS provider, released its decryption keys to BleepingComputer — 2,934 in total — with each k...

7.3AI score
Exploits0References12
Rows per page
Query Builder