Reeling in DarkGate Malware Attacks from the Beach


Last year, the number of malware attacks worldwide reached 6.08 billion. That’s a 10% increase compared with 2022. Why are cybercriminals developing so much malware? Because it is a vital tool to help them infiltrate businesses, networks or specific computers to steal or destroy sensitive data. or destroy sensitive data.

There are many types of malware infections. Here are just three examples – RYUK (ransomware), Astaroth (fileless malware), DarkGate (multifunctional malware). DarkGate is a notable example. It’s a sophisticated and adaptive piece of malware that’s designed to perform various malicious activities. This includes data theft, unauthorized access and system compromise.

Read more…
Source: Proofpoint


Sign up for our Newsletter


Related:

  • Accenture Confirms LockBit Ransomware Attack

    August 11, 2021

    08/13/21 08:42 UPDATE: Accenture reportedly acknowledged in an internal memo that attackers stole client information and work materials in a July 30 “security incident.” CyberScoop reports that the memo downplays the impact of the ransomware attack. The outlet quoted Accenture’s internal memo: “While the perpetrators were able to acquire certain documents that reference a small number ...

  • UNC215: Spotlight on a Chinese Espionage Campaign in Israel

    August 10, 2021

    This blog post details the post-compromise tradecraft and operational tactics, techniques, and procedures (TTPs) of a Chinese espionage group we track as UNC215. While UNC215’s targets are located throughout the Middle East, Europe, Asia, and North America, this report focuses on intrusion activity primarily observed at Israeli entities. This report comes on the heels of the ...

  • $600m in cryptocurrencies swiped from Poly Network servers after security snafu

    August 10, 2021

    Poly Network, a Chinese software biz that processes cryptocurrency transactions across different blockchain platforms, urged hackers to return $600m worth of stolen digital cash in what it called the “biggest in DeFi history.” DeFi stands for decentralised finance. Protocols like Poly Network allow cryptocurrency traders to exchange digicash across various blockchains; they can be used ...

  • eCh0raix ransomware now targets both QNAP and Synology NAS devices

    August 10, 2021

    A newly discovered eCh0raix ransomware variant has added support for encrypting both QNAP and Synology Network-Attached Storage (NAS) devices. This ransomware strain (also known as QNAPCrypt) first surfaced in June 2016, after victims began reporting attacks in a BleepingComputer forum topic. Read more… Source: Bleeping Computer  

  • Actively Exploited Windows Zero-Day Gets a Patch

    August 10, 2021

    Microsoft has patched 51 security vulnerabilities in its scheduled August Patch Tuesday update, including seven critical bugs, two issues that were publicly disclosed but unpatched until now, and one that’s listed as a zero-day that has been exploited in the wild. Of note, there are 17 elevation-of-privilege (EoP) vulnerabilities, 13 remote code-execution (RCE) issues, eight information-disclosure ...

  • Cinobi Banking Trojan Targets Cryptocurrency Exchange Users via Malvertising

    August 9, 2021

    In a previous blog entry, we reported on a campaign, which we labeled “Operation Overtrap,” that targeted Japan with a new banking trojan called Cinobi. The campaign, which was perpetrated by a group we named “Water Kappa,” delivered Cinobi via spam. It also delivered the trojan using the Bottle exploit kit, which included newer Internet ...