Reeling in DarkGate Malware Attacks from the Beach


Last year, the number of malware attacks worldwide reached 6.08 billion. That’s a 10% increase compared with 2022. Why are cybercriminals developing so much malware? Because it is a vital tool to help them infiltrate businesses, networks or specific computers to steal or destroy sensitive data. or destroy sensitive data.

There are many types of malware infections. Here are just three examples – RYUK (ransomware), Astaroth (fileless malware), DarkGate (multifunctional malware). DarkGate is a notable example. It’s a sophisticated and adaptive piece of malware that’s designed to perform various malicious activities. This includes data theft, unauthorized access and system compromise.

Read more…
Source: Proofpoint


Sign up for our Newsletter


Related:

  • Finding and Decoding Multi-Step Obfuscated Malware

    February 2, 2021

    Recently, in the process of a threat investigation, Trend Micro researchers found an interesting event. A process (nslookup.exe) that tried to connect to a malicious URL that was already blocked by trend Micro solutions. We could have stopped at this point, but searching for the root cause is part of managed detection and response (MDR) — ...

  • This Linux malware is hijacking supercomputers across the globe

    February 2, 2021

    A small but complex malware variant is targeting supercomputers worldwide. Reverse engineered by ESET and described in a blog post on Tuesday, the malware has been traced back to attacks against supercomputers used by a large Asian Internet Service Provider (ISP), a US endpoint security vendor, and a number of privately-held servers, among other targets. The cybersecurity ...

  • SonicWall zero-day exploited in the wild

    February 1, 2021

    Cyber-security firm the NCC Group said on Sunday that it detected active exploitation attempts against a zero-day vulnerability in SonicWall networking devices. Details about the nature of the vulnerability have not been made public to prevent other threat actors from studying it and launching their own attacks. “We’ve seen it used by a single threat actor earlier ...

  • UK Research and Innovation (UKRI) suffers ransomware attack

    January 30, 2021

    The UK Research and Innovation (UKRI) is dealing with a ransomware incident that encrypted data and impacted two of its services, one offering information to subscribers and the platform for peer review of various parts of the agency. UKRI is a public body of the Government of the United Kingdom, tasked with investing in science and ...

  • Chopper ASPX web shell used in targeted attack

    January 29, 2021

    Based on Trend Micro researchers investigation, the Chopper web shell is dropped via a system token, potentially via a Microsoft Exchange Server vulnerability. One notable vulnerability in the Microsoft Exchange Server is CVE-2020-0688, a remote code execution bug. Microsoft issued a patch for this vulnerability in February 2020. However, the malicious actors behind this attack ...

  • Fonix ransomware shuts down and releases master decryption key

    January 29, 2021

    The Fonix Ransomware operators have shut down their operation and released the master decryption allowing victims to recover their files for free. Fonix Ransomware, also known as Xinof and FonixCrypter, began operating in June 2020 and has been steadily encrypting victims since. The ransomware operation was not as widely active as others, such as REvil, Netwalker, ...