Hudson Rock’s Cybercrime and Threat Intelligence Researcher, Leonid Rozenberg, Shares Insights About Infostealers and Security
Hudson Rock has been the go-to source for all things cybersecurity and infosec updates. Be it offering dark web intelligence or finding one’s own data on breach forums, Hudson Rock has been a torch bearer, bringing the latest updates to people. TechNadu reached out to the company to know how they work, what powers them, […]
CAPTCHA Chaos: From X Threads to Telegram
Cybercriminals are continuously evolving their tactics to exploit human behavior and trust. In one of the latest campaigns, attackers have weaponized fake CAPTCHA verification systems—tools typically used to verify a user’s legitimacy—to deliver malicious payloads. Introduction This campaign demonstrates an evolution from basic fake URL-based CAPTCHAs, seen in previous attacks, to a more sophisticated Telegram-based […]
Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
In December 2024, two critical vulnerabilities in Microsoft’s Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant due to the widespread use of LDAP in Windows environments: In this blog entry, we discuss a fake proof-of-concept (PoC) exploit for CVE-2024-49113 (aka LDAPNightmare) designed to lure security researchers […]
How Cracks and Installers Bring Malware to Your Device
Key Takeaways Introduction The increase of fake installers bundled with info stealers is a growing threat for users looking for pirated software. These malicious programs disguise themselves as legitimate applications, often appearing in search results or comments on platforms like GitHub. Unfortunately, many users fall prey to these tricks. The Trend Micro™ Managed XDR service frequently sees the […]
Infostealer Logs to Fuel a New Wave of AWS Ransomware Attacks
Introduction Recent research from Halcyon has uncovered a novel approach by a threat actor — referred to as Codefinger — who is actively abusing Amazon Web Services (AWS) by leveraging its native features to facilitate ransomware attacks in the wild. This technique underlines a powerful shift in the cyber threat landscape: instead of exploiting infrastructure outside the victim’s cloud […]
Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
In December 2024, two critical vulnerabilities in Microsoft’s Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant due to the widespread use of LDAP in Windows environments: In this blog entry, we discuss a fake proof-of-concept (PoC) exploit for CVE-2024-49113 (aka LDAPNightmare) designed to lure security researchers […]
Telefonica Breach: Infostealer Malware Opens Door for Social Engineering Tactics
Telefonica, a major telecommunications company, recently confirmed a breach in their internal ticketing system, which led to a significant data leak. The breach involved unauthorized access and extraction of sensitive information, including a vast amount of employee and operational data. Infostealer Malware and Social Engineering Tactics New information has emerged indicating that the breach was […]
“Can you try a game I made?” Fake Game Sites Lead to Information Stealers
The background and the IOCs for this blog were gathered by an Expert helper on our forums and Malwarebytes researchers. Our thanks go out to them. A new, malicious campaign is making the rounds online and it starts simple: Unwitting targets receive a direct message (DM) on a Discord server asking about their interest in […]
Silent Threats, Strategic Insights: Harnessing Info Stealer Data for Better Decisions
The cybersecurity landscape is rife with challenges, but some threats are quieter, subtler — and deadlier. Info stealers, the silent operators of the malware world, have made headlines for their efficiency in siphoning off sensitive data. While their mechanics and prevalence are well-documented, the real question for decision-makers is not just what these threats are but how to effectively […]
North Korean Hackers Adopt Infostealer Spreading Tactics in Latest Campaign
In a recent campaign, North Korean threat actors have demonstrated a sophisticated approach by copying novel malware distribution techniques, notably those employed in the Clickfix campaigns. This strategy underscores their adaptability and awareness of cybercrime trends. The Attack Sequence The operation initiates with the attackers posing as recruiters on professional networking platforms like LinkedIn. They […]
Lumma 2024: Dominating the Info-Stealer Market
In this blog, we analyze the evolution of Lumma in 2024, based on the Diamond Model vertices. Disclaimer: Everything stated in this blog is for informational purposes only, with no intention of promoting the use of these products. Key Points Adversary Lumma (aka LummaC2, Lummac and Lumma Stealer) is an advanced information-stealing Malware-as-a-Service (MaaS) with Russian […]
Interview with Pryx Part 2: Diving Deeper into Server-Side Stealers & Other Interesting Chit-chats (Video Included)
In our previous interview with Pryx, the threat actor briefly touched upon the concept of server-side stealers claiming it to be completely different from how traditional info-stealers work. We were interested in learning more about this new innovative approach so we decided to dive deeper in a follow-up chat-based interview. This time, Pryx not only explained […]
