Reeling in DarkGate Malware Attacks from the Beach


Last year, the number of malware attacks worldwide reached 6.08 billion. That’s a 10% increase compared with 2022. Why are cybercriminals developing so much malware? Because it is a vital tool to help them infiltrate businesses, networks or specific computers to steal or destroy sensitive data. or destroy sensitive data.

There are many types of malware infections. Here are just three examples – RYUK (ransomware), Astaroth (fileless malware), DarkGate (multifunctional malware). DarkGate is a notable example. It’s a sophisticated and adaptive piece of malware that’s designed to perform various malicious activities. This includes data theft, unauthorized access and system compromise.

Read more…
Source: Proofpoint


Sign up for our Newsletter


Related:

  • Data-wiper malware strains surge as Ukraine battles ongoing invasion

    April 29, 2022

    Security researchers have detailed six significant strains of data-wiping malware that have emerged in just the first quarter of 2022, a huge surge over previous years. This increase coincides with the invasion of Ukraine, and all of these wipers have been used against that state’s infrastructure and organizations. One of the wipers also took wind turbines ...

  • Bumblebee malware loader emerges as Conti’s BazarLoader fades

    April 29, 2022

    A sophisticated malware loader dubbed Bumblebee is being used by at least three cybercriminal groups that have links to ransomware gangs, according to cybersecurity researchers. Gangs using Bumblebee have in the past used the BazarLoader and IcedID loaders – linked to high-profile ransomware groups Conti and Diavol. The emergence of Bumblebee coincides with the swift disappearance ...

  • CISA and FBI Update Advisory on Destructive Malware Targeting Organizations in Ukraine

    April 28, 2022

    CISA and the Federal Bureau of Investigation (FBI) have updated joint Cybersecurity Advisory AA22-057A: Destructive Malware Targeting Organizations in Ukraine, originally released February 26, 2022. The advisory has been updated to include additional indicators of compromise for WhisperGate and technical details for HermeticWiper, IsaacWiper, HermeticWizard, and CaddyWiper destructive malware. CISA and the FBI encourage organizations to ...

  • Log4j flaw: Thousands of applications are still vulnerable, warn security researchers

    April 28, 2022

    Months on from a critical zero-day vulnerability being disclosed in the widely-used Java logging library Apache Log4j, a significant number of applications and servers are still vulnerable to cyberattacks because security patches haven’t been applied. First detailed in December, the vulnerability (CVE-2021-44228) allows attackers to remotely execute code and gain access to systems that use Log4j. Not ...

  • Trello From the Other Side: Tracking APT29 Phishing Campaigns

    April 28, 2022

    Since early 2021, Mandiant has been tracking extensive APT29 phishing campaigns targeting diplomatic organizations in Europe, the Americas, and Asia. This blog post discusses our recent observations related to the identification of two new malware families in 2022, BEATDROP and BOOMMIC, as well as APT29’s efforts to evade detection through retooling and abuse of Atlassian’s ...

  • Assembling the Russian Nesting Doll: UNC2452 Merged into APT29

    April 27, 2022

    Mandiant has gathered sufficient evidence to assess that the activity tracked as UNC2452, the group name used to track the SolarWinds compromise in December 2020, is attributable to APT29. This conclusion matches attribution statements previously made by the U.S. Government that the SolarWinds supply chain compromise was conducted by APT29, a Russia-based espionage group assessed to ...