Indian Taxpayers face a Multifaceted Threat with Drinik Malware’s Return
Cyble analyses the latest version of the Drinik malware, featuring newly added functionalities targeting Indian taxpayers.
Cyble Research and Intelligence Labs analyzes the Emerging PySilon Discord RAT and Explores its Versatile functionalities.
Overview: Cyble Research & Intelligence Labs (CRIL) came across a typosquatted domain of Sophos, “sopbos[.]com”, using a VirusTotal search. The phishing site impersonates the installation of Sophos Home. The initial infection vector is unclear at this time, as we could not trace how users would be directed to this phishing site. Based …
Covert Delivery of Cobalt Strike Beacon via Sophos Phishing Website
Key Takeaways
• Cyble Research and Intelligence Labs (CRIL) came across Python malware capturing screenshots and sending them over FTP to remote attackers.
• Proofpoint has observed similar campaigns in the recent past targeting the United States and Germany, with the perpetrator tracked as “TA866”.
• This particular campaign targets Tatar language-speaking users who primarily reside in …
Tatar-Language Users in the Crosshairs of Python Screenshotter
Overview: Cyble Research and Intelligence Labs (CRIL) identified a new Android spyware campaign using VirusTotal intelligence. The campaign has been conducted by a China-linked threat actor specifically targeting Android users in South Korea since the beginning of July 2023. This Android spyware can steal sensitive information, including contacts, SMS messages, call logs, images, …
Android Users in South Korea targeted by spyware linked to Chinese Threat Actor
Cyble Research and Intelligence Labs uncovers a possible crafty imitator of the infamous NoEscape Ransomware.