Stealthy Mistic backdoor linked to ransomware access broker KongTuke

A new backdoor dubbed Mistic has been observed in financially motivated attacks targeting organizations in the insurance, ...

Self-destructing Mistic backdoor linked to access broker selling corporate footholds to ransomware gangs

A new self-destructing backdoor called Mistic used in intrusions since April appears to be linked to a criminal gang that ...
Windows Report

Microsoft Teams Infrastructure Exploited by DragonForce's New Backdoor.Turn Malware

Researchers have uncovered Backdoor.Turn, a new DragonForce malware that abuses Microsoft Teams infrastructure to hide ...
SecurityWeek

Russian APT Deploys ‘StockStay’ Backdoor Against Ukrainian Targets

Russia-linked APT Turla has been using the StockStay backdoor against government and military organizations in Ukraine.
SecurityWeek

CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

The Windows-based CryptoBandits cryptocurrency clipper blends data exfiltration and remote code execution in a backdoor.
CSO Online

Be on the lookout for Mistic, a new backdoor used by ransomware broker

The malware program has been deployed across multiple sectors since April, helping to provide initial access sold to ransomware gangs.
Bleeping Computer

RansomHub ransomware uses new Betruger ‘multi-function’ backdoor

A newly identified custom backdoor deployed in several recent ransomware attacks has been linked to at least one RansomHub ransomware-as-a-service (RaaS) operation affiliate. Symantec researchers who ...
Windows Report

Earth Lusca Used Windows SprySOCKS Malware to Target Government Organizations

ESET has uncovered Windows variants of the SprySOCKS malware used by Earth Lusca to target government organizations.
Security Boulevard

CryptoBandits Malware Doubles as Backdoor and Abuses Tor

What happened Microsoft warned about CryptoBandits, a Windows-based cryptocurrency clipper that also functions as a lightweight backdoor with data exfiltration and remote code execution capabilities.