Russian hacktivists deploy new AresLoader malware via decoy installers

Read Time:38 Second

Security researchers have started seeing attack campaigns that use a relatively new malware-as-a-service (MaaS) tool called AresLoader. The malicious program appears to be developed and used by several members of a pro-Russia hacktivist group and is typically distributed inside decoy installers for legitimate software.

Security researchers from threat intelligence firm Intel 471 first spotted AresLoader in November when it was advertised by a user with the monikers AiD Lock and DarkBLUP on Telegram and two well-known underground forums. AiD Lock is not a newcomer to malware development and was previously associated with the AiD Locker ransomware-as-a-service (RaaS) program as well as with a group called PHANTOM DEV or DeadXInject Hack.

To read this article in full, please click here

Volt Typhoon Accessed US OT Network for Nearly a Year

CISA, FBI Warn of Medusa Ransomware Impacting Critical Infrastructure

RIP Mark Klein

Chromecast chaos – 2nd gen devices go belly-up as Google struggles to fix certificate issue

‘ClickFix’ Phishing Scam Impersonates Booking.com to Target Hospitality

Medusa ransomware: FBI and CISA urge organisations to act now to mitigate threat

Tech Complexity Puts UK Cybersecurity at Risk

VC Investment in Cyber Startups Surges 35%

UK ICO Fires GDPR “Warning Shot” Over Use of Children’s Data