Recently BluVector released their latest quarterly threat report, a summary of the most notable malware that their Advanced Threat Detection engines caught at the end of last year. Reading the report, you’re likely to recognize the names of some of these threats. One trend that BluVector’s threat intelligence team identified was the reuse of trojans by ransomware gangs to simplify the delivery stage of the attack chain. The report also highlights new attacks from Advanced Persistent Threats (APTs).
Download the report for full coverage of the following threats, what they are and how they propagate:
CostaRicto APT for Hire – a relatively new group using Sombra or SombRAT
MuddyWater APT (also known as SeedWorm) – believed to be an Iranian APT; their latest attack poses as a security test to evade detection
Turla APT – believed to be a Russian APT; their new technique uses a compromised system inside the local network of the targeted organization as a proxy to route C2 traffic
SystemBC RAT – first seen in 2019, recently used by Ryuk and Egregor as part of their ransomware attacks
ModPipe – malware targeting Oracle Point of Sale software widely used in restaurants