HomeVulnerabilityMeet Latrodectus: Preliminary entry brokers’ new favourite malware loader

Meet Latrodectus: Preliminary entry brokers’ new favourite malware loader

TA577 has used a wide range of malware loaders and Trojans overs the years, together with Qbot, IcedID, SystemBC, SmokeLoader, Ursnif, and Cobalt Strike; TA578 has additionally used Ursnif, IcedID, KPOT Stealer, Buer Loader, BazaLoader, and Cobalt Strike. Since each teams had a powerful reference to IcedID it’s not stunning that Proofpoint discovered hyperlinks between Latrodectus command-and-control infrastructure and that related to IcedID prior to now.

In Might, regulation enforcement businesses from a number of European international locations, together with these within the US and the UK seized 1000’s of domains and round 100 servers used within the command infrastructure of IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee, and Trickbot, dealing a severe blow to these botnets. Dubbed Operation Endgame, the seizure was half of a bigger regulation enforcement effort that has continued all year long.

Latrodectus: A brand new rising star

Since then, a number of security companies have reported a rise in Latrodectus exercise, together with Bitsight in June, Trustwave earlier this month, and now Forcepoint. Trustwave known as it a rising star within the malware world and famous that Operation Endgame possible gave it a lift.

See also  Sign Pours Chilly Water on Zero-Day Exploit Rumors
- Advertisment -spot_img
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular