Security researchers have started seeing attack campaigns that use a relatively new malware-as-a-service (MaaS) tool called AresLoader. The malicious program appears to be developed and used by several members of a pro-Russia hacktivist group and is typically distributed inside decoy installers for legitimate software.
Security researchers from threat intelligence firm Intel 471 first spotted AresLoader in November when it was advertised by a user with the monikers AiD Lock and DarkBLUP on Telegram and two well-known underground forums. AiD Lock is not a newcomer to malware development and was previously associated with the AiD Locker ransomware-as-a-service (RaaS) program as well as with a group called PHANTOM DEV or DeadXInject Hack.
To read this article in full, please click here
More Stories
Quishing Attacks Jump Tenfold, Attachment Payloads Halve
The figures come from Egress’s latest report, which also suggests secure email gateways lag behind tech advancements Read More
Russia’s Sandworm Upgraded to APT44 by Google’s Mandiant
Mandiant has confirmed that Sandworm is responsible for many cyber-attacks against Ukraine has close ties with a Russian hacktivist group...
New Cyber-Threat MadMxShell Exploits Typosquatting and Google Ads
Zscaler also confirmed MadMxShell uses DLL sideloading and DNS tunneling for C2 communication Read More
Change Healthcare data for sale on dark web as fallout from ransomware attack spirals out of control
February's crippling ransomware attack against Change Healthcare, which saw prescription orders delayed across the United States, continues to have serious...
3.5 million Omni Hotel guest details held to ransom by Daixin Team
The international hotel chain Omni Hotels & Resorts has confirmed that a cyber attack last month saw it shut down...
Police smash LabHost international fraud network, 37 arrested
Police have successfully infiltrated and disrupted the fraud platform "LabHost", used by more than 2,000 criminals to defraud victims worldwide....