Category: Malware
-
Bootkitty UEFI bootkit malware for Linux
Bootkitty is a type of advanced bootkit malware targeting Linux systems, specifically compromising the Unified Extensible Firmware Interface (UEFI) to achieve persistence and control over the boot process. Bootkitty exploits the Linux security vulnerability (CVE-2023-40238), known as LogoFAIL, to infect computers running on a vulnerable UEFI firmware. Key Features of Bootkitty on Linux: Detection and…
-
Operation Synergia II
Operation Synergia II, led by INTERPOL in 2024, targeted cybercrime infrastructure across 95 countries. The operation focused on 22,000 IP addresses linked to criminal activities, including phishing, malware, and ransomware. Key outcomes included the dismantling of illegal networks, the seizure of 59 servers, 43 electronic devices, and the arrest of 41 suspects. Collaborative efforts between…
-
RansomHub
RansomHub is a cybercriminal group operating a ransomware-as-a-service (RaaS) model that emerged in early 2024. It evolved from cybercriminal groups formerly known as Cyclops and Knight, and has recently attracted high-profile affiliates from other prominent variants such as LockBit and ALPHV. Here are some key points about the RansomHub cybercriminal group: RansomHub’s combination of sophisticated…
-
BlackBasta
The BlackBasta cybercriminal group is a relatively new but rapidly evolving ransomware group that emerged in 2022. This group is known for its sophisticated attack methods and significant impact on various industries. Here are some precise details about the group: The BlackBasta group exemplifies the growing trend of ransomware-as-a-service (RaaS), where ransomware developers lease their…
-
LockBit
LockBit is a cybercriminal group offering ransomware as a service (RaaS), which means they provide their ransomware to other threat actors through an affiliate model. This allows different cybercriminals to use their ransomware toolkit in exchange for a percentage of the ransom payments. The group emerged around 2019 and has since gained notoriety for its…
-
Polymorphic malware
Polymorphic malware refers to a type of malicious software that can change its code or appearance every time it infects a new system or device. The primary purpose of polymorphic malware is to evade detection by traditional antivirus and security software. Here’s how polymorphic malware works: Polymorphic malware is a significant challenge for cybersecurity professionals…
-
Malware
Malware is a broad and encompassing term used in computer security to refer to any type of malicious software specifically designed to infiltrate, damage, or gain unauthorized access to computer systems, networks, or devices, often with harmful intent. The term “malware” is a combination of “malicious” and “software,” highlighting its malicious nature. Malware can take…
-
Conti ransomware
Conti is a notorious ransomware that has been observed since 2020, believed to be distributed by a Russia-based group. It operates as a ransomware-as-a-service (RaaS), enabling other cybercriminals to deploy this malware for their own purposes. Conti is particularly known for its use of double extortion techniques, where it not only encrypts victims' files but…