Analyst2072d ago

Malware Campaigns Target Gamers, 86K Infected by CountLoader

A shocking 86,000 gamers have fallen victim to CountLoader, a sneaky malware campaign that's been targeting players since January 2026, and the masterminds behind it are making it easy for others to join the malicious party with their free, user-friendly malware service.

https://osintsights.com/malware-campaigns-target-gamers-86k-infected-by-countloader?utm_source=mastodon&utm_medium=social

#MalwareAsAService #Maas #Weedhack #Minecraft #Countloader

Malware Campaigns Target Gamers, 86K Infected by CountLoader

Discover how Weedhack malware targets gamers with Minecraft mods, infecting 86K systems. Learn how to protect yourself from this MaaS threat now.

OSINTSights
CyberVeille.chSep 26, 2025
📱 Phishing via fichiers SVG usurpant des agences ukrainiennes pour diffuser Amatera Stealer et PureMiner
📝 FortiGuard Labs (Fortinet) publie une analyse d’une c...
📖 cyberveille : https://cyberveille.ch/posts/2025-09-26-phishing-via-fichiers-svg-usurpant-des-agences-ukrainiennes-pour-diffuser-amatera-stealer-et-pureminer/
🌐 source : https://www.fortinet.com/blog/threat-research/svg-phishing-hits-ukraine-with-amatera-stealer-pureminer
#Amatera_Stealer #CountLoader #Cyberveille
Phishing via fichiers SVG usurpant des agences ukrainiennes pour diffuser Amatera Stealer et PureMiner

FortiGuard Labs (Fortinet) publie une analyse d’une campagne ciblĂ©e usurpant des agences gouvernementales ukrainiennes, combinant SVG malveillants, archives protĂ©gĂ©es par mot de passe et une chaĂźne d’exĂ©cution CHM/HTA pour dĂ©ployer Amatera Stealer et PureMiner. ‱ Vecteur initial et leurre: Des emails falsifiĂ©s contiennent des piĂšces jointes SVG intĂ©grant des iframes HTML qui redirigent les victimes vers des tĂ©lĂ©chargements d’archives protĂ©gĂ©es par mot de passe. ‱ ChaĂźne d’infection: Les archives livrent un fichier CHM qui exĂ©cute un HTA distant via CountLoader (avec six commandes supportĂ©es pour la livraison de charges). Deux mĂ©thodes sont dĂ©crites: 1) ergosystem.zip utilise la compilation .NET AOT avec process hollowing pour dĂ©ployer PureMiner; 2) smtpB.zip s’appuie sur PythonMemoryModule pour l’exĂ©cution fileless d’Amatera Stealer.

CyberVeille
Hackread.comSep 22, 2025

Hackers are using fake Ukrainian police emails to spread new #CountLoader malware, giving ransomware gangs like LockBit and Qilin initial access to victims.

Read: https://hackread.com/fake-ukrainian-police-emails-countloader-malware-loader/

#CyberSecurity #Russia #Ukraine #Ransomware

Fake Ukrainian Police Emails Spread New CountLoader Malware Loader

Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto