D3LabAug 9, 2024

Campagne #Malware #Italy Week 32
🔥☠️💣👻

#SnakeKeyLogger: Citazione
#Guloader: Ordine
#Formbook: Modulo bancario
#AsyncRAT: Documento
#RemcosRAT: Prezzi
#AgentTesla: Preventivo
#ModiLoader: Pagamento
#StrRat: Ordine
#RedLine: Quotazione
#Vidar: Pagamento
#Ousaban: Documento

#mwitaly

D3LabJul 19, 2024

Campagne #Malware #Italy Week 29

☠️💣🔥👻
#AgentTesla: Ordine
#Formbook: Offerta
#GuLoader: Fattura Elettronica
#Remcos: Bank
#Lokibot: Delivery
#SmokeLoader: Pagamenti
#Irata: Malware APK
#RedLine: Offerta
#Neshta: Ordine
#Ousaban: Processo
#SnakeKeylogger: Fattura

#mwitaly

D3LabJul 12, 2024

Campagne #Malware #Italy Week 28

☠️💣🔥👻
#Irata - #SpyNote: Malware APK
#Formbook: Rimborso
#AgentTesla: Ordine
#GuLoader: Fattura
#SnakeKeylogger: Prezzi
#Neshta: Ordine
#Remcos: Bank
#XWorm: Prezzi
#Ousaban: Processo
#Lokibot: Pagamento
#AsyncRAT: Bank

#mwitaly

D3LabJul 5, 2024

Campagne #Malware #Italy Week 27

☠️💣🔥👻
#AgentTesla: Ordine
#Irata - #AzraelBot: Malware APK
#Formbook: Pagamento
#SnakeKeylogger: Materiale
#Remcos: Bank
#XWorm: Spedizioni
#VCRuntime: AgenziaEntrate
#Ousaban: Processo
#mwitaly

b4n1shedFeb 20, 2024

Just published our latest research into a series of ongoing malware campaigns abusing Google Cloud Run to distribute the #Astaroth #Mekotio & #Ousaban banking trojans, primarily across LATAM.

Check it out!

https://blog.talosintelligence.com/google-cloud-run-abuse/

Astaroth, Mekotio & Ousaban abusing Google Cloud Run in LATAM-focused malware campaigns

Since September 2023, we have observed a significant increase in the volume of malicious emails leveraging the Google Cloud Run service to infect potential victims with banking trojans.

Cisco Talos Blog