Infostealer Investigation Module – Analyzing Stolen Files (Hudson Rock)
Hudson Rock’s Infostealer Investigation Module provides cybersecurity professionals the ability to investigate all the data captured from an Infostealer infection of employees and customers at their organizations. Hudson Rock’s database, with tens of millions of computers infected worldwide, helps cybersecurity and law enforcement customers with their investigations. To learn more, visit www.hudsonrock.com/cavalier
Approaching Stealers Devs : A Brief Interview With AMOS (Atomic macOS Stealer)
To completely understand what’s going on in a market that has been growing in the last years I found mandatory to know which players are dominating it. Always remember that behind every user of the Internet there is another human like you, so if you can be kind enough to reach them and they agree, […]
Meet the Top 5 Threat Actors Exploiting Infostealers Data to Breach Companies
As Infostealers become increasingly favored by cybercriminals and hacking groups as a primary method for breaching companies, it’s crucial to stay informed about the key players leveraging these tools. In this article, we spotlight the top five hackers who are using Infostealers to infiltrate companies, providing insights into their tactics and the evolving landscape of […]
Infostealers AI Investigation Module – Threat Actor Deanonymization Use Case
Hudson Rock’s AI module adds an additional layer of research, which helps deanonymize suspicious users and aids in investigations. Hudson Rock’s database, with tens of millions of computers infected worldwide, helps cybersecurity and law enforcement customers with their investigations. To learn more, visit www.hudsonrock.com/cavalier
Improving the security of Chrome cookies on Windows
Cybercriminals using cookie theft infostealer malware continue to pose a risk to the safety and security of our users. We already have a number of initiatives in this area including Chrome’s download protection using Safe Browsing, Device Bound Session Credentials, and Google’s account-based threat detection to flag the use of stolen cookies. Today, we’re announcing another layer of protection to […]
Daolpu Infostealer: Full analysis of the latest malware exploited post CrowdStrike outage
While we all stand in unity with cyber and IT teams who have been working tirelessly to restore systems following last week’s CrowdStrike patch failure, cyber criminals continue to exploit the situation by launching phishing campaigns. Discovered on July 24th, 2024, the latest malware on the list is: Daolpu. A Word document containing macros that download […]
Lumma Stealer Packed with CypherIt Distributed Using Falcon Sensor Update Phishing Lure
Summary On July 23, 2024, CrowdStrike Intelligence identified the phishing domain crowdstrike-office365[.]com, which impersonates CrowdStrike and delivers malicious ZIP and RAR files containing a Microsoft Installer (MSI) loader. The loader ultimately executes Lumma Stealer packed with CypherIt. The domain was registered on July 23, 2024, days after July 19, 2024, when an issue present in a single content update […]
Hamster Kombat Players Threatened by Spyware & Infostealers
In the past few months, the Telegram clicker game Hamster Kombat has taken the world of cryptocurrency game enthusiasts by storm. Even though the gameplay, which mostly entails repeatedly tapping the screen of one’s mobile device, might be rather simple, players are after something more: the possibility of earning big once Hamster Kombat’s creators unveil […]
STARGAZERS GHOST NETWORK
Key Points Introduction Threat actors continually evolve their tactics to stay ahead of detection. Traditional methods of malware distribution via emails containing malicious attachments are heavily monitored, and the general public has become more aware of these tactics. Recently, Check Point Research observed threat actors using GitHub to achieve initial infections by utilizing new methods. Previously, GitHub […]
KnowBe4 mistakenly hires North Korean hacker, faces infostealer attack
American cybersecurity company KnowBe4 says a person it recently hired as a Principal Software Engineer turned out to be a North Korean state actor who attempted to install information-stealing on its devices. The firm detected and stopped the malicious actions in time, so no data breach occurred. However, the case highlights the continued threat posed […]
Threat Actor Uses Fake CrowdStrike Recovery Manual to Deliver Unidentified Stealer
On July 22, 2024, CrowdStrike Intelligence identified a Word document containing macros that download an unidentified stealer now tracked as Daolpu. The document impersonates a Microsoft recovery manual.1 Initial analysis suggests the activity is likely criminal. Technical Analysis Lure Document The analyzed file, (SHA256 hash: ), is a Word document containing malicious macros. Upon execution, the macro […]
Infostealers AI Module – Online Behaviour Analysis (Hudson Rock)
Hudson Rock’s database, with tens of millions of computers infected worldwide, enables cybersecurity and law enforcement customers to investigate suspicious infected computers that are using login credentials to darknet websites. Our AI module adds an additional layer of research, which helps profile the behavior of suspicious users and aids in investigations. To learn more, visit […]
