A glut of wiper malware hits Ukrainian targets

ESET researchers have discovered yet another wiper malware used to target Ukrainian organizations. Dubbed SwiftSlicer, it is thought to be wielded by the Sandworm APT. Simultaneously, the Ukrainian CERT has confirmed that the attackers who recently aimed to disrupt the operation of the National News Agency of Ukraine (Ukrinform) used various wiper malware and one […]

GuLoader wreaks havoc in the e-commerce sector

Last December, the new techniques adopted by the malware distributor GuLoader were revealed. This malware is able to evade the detection controls of various security systems, which makes it particularly malleable for cybercriminals looking to improve their attacks. The post GuLoader wreaks havoc in the e-commerce sector […]

Sandworm APT group hit Ukrainian news agency with five data wipers

Ukraine's CERT-UA discovered five different wipers deployed on the network of the country’s national news agency, Ukrinform. On January 17, 2023, the Telegram channel “CyberArmyofRussia_Reborn” reported the compromise of the systems at the Ukrainian National Information Agency “Ukrinform”. The Ukrainian Computer Emergency Response Team (CERT-UA) immediately investigated the claims and as of January 27, […]

New Research Uncovers Threat Actor Behind Infamous Golden Chickens Malware-as-a-Service

The identity of the individual behind the Golden Chickens malware-as-a-service has been uncovered by cybersecurity experts. The perpetrator, known online as “badbullzvenom,” has been identified in the real world. An extensive 16-month investigation by eSentire’s Threat Response Unit revealed that the badbullzvenom account was linked to multiple individuals, as outlined in the unit’s recently published […]

UNC2565 threat actors continue to improve the GOOTLOADER malware

The threat actors behind the GOOTLOADER malware continue to improve their code by adding new components and implementing new obfuscation techniques. Mandiant researchers reported that the UNC2565 group behind the GOOTLOADER malware (aka Gootkit) continues to improve its code by adding new components and implementing new obfuscation techniques. Gootkit runs on an access-as-a-service model; it is used […]

Security Affairs newsletter Round 404 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter has arrived! Every week, the best security articles from Security Affairs, free in your email box. In this round: Copycat Criminals mimicking Lockbit gang in northern Europe; Sandworm APT targets Ukraine with new SwiftSlicer wiper […]

Copycat Criminals mimicking Lockbit gang in northern Europe

Recent reports of Lockbit locker-based attacks against North European SMBs indicate that local crooks have started using Lockbit locker variants. Executive Summary: During the past months, the Lockbit gang reached very high popularity in the underground ecosystem. The recent Hive infrastructure takedown, as well as the dissolution of other major gangs such as Conti in 2022, is making […]

Sandworm APT targets Ukraine with new SwiftSlicer wiper

The Russia-linked Sandworm APT group is behind a new Golang-based wiper, tracked as SwiftSlicer, that hit Ukraine, ESET reports. Researchers from ESET discovered a new Golang-based wiper, dubbed SwiftSlicer, that was used in attacks aimed at Ukraine. The experts believe that the Russia-linked APT group Sandworm (aka BlackEnergy and TeleBots) is behind the wiper attacks. #BREAKING On January 25th […]