hbrpgmL'Épidémie Silencieuse des SMS-Blasters
PeerTube
The IMSI-Catcher Fraud Nexus
The IMSI-Catcher Fraud Nexus
Die SMS-Blaster-Affäre von Paris
Die SMS-Blaster-Affäre von Paris
Hausse Alarmante des Infractions en Saxe
Hausse Alarmante des Infractions en Saxe
The Saxon Surge in Traffic Offenses
Verkehrssünder-Boom im Freistaat
Verkehrssünder-Boom im Freistaat
OTX BotA Slopoly start to AI-enhanced ransomware attacks
IBM X-Force discovered a likely AI-generated malware named 'Slopoly' used in a ransomware attack by the Hive0163 group. This marks the beginning of AI adoption among cybercrime groups, potentially transforming the threat landscape. Slopoly, while relatively unsophisticated, demonstrates how easily threat actors can use AI to develop new malware quickly. The attack involved ClickFix social engineering, NodeSnake malware, and InterlockRAT, culminating in the deployment of Interlock ransomware. This incident highlights the growing trend of AI-generated and AI-integrated malware, which could lead to more ephemeral and difficult-to-attribute attacks, challenging traditional threat intelligence methods.
Pulse ID: 69b934133afeb115e5169568
Pulse Link: https://otx.alienvault.com/pulse/69b934133afeb115e5169568
Pulse Author: AlienVault
Created: 2026-03-17 10:59:31
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberCrime #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #RAT #RCE #RansomWare #SocialEngineering #bot #AlienVault
New backdoor targeting Ukrainian entities with possible links to Laundry Bear
A new campaign targeting Ukrainian entities has been identified, attributed to actors linked to Russia. The campaign uses judicial and charity-themed lures to deploy a JavaScript-based backdoor called DRILLAPP, which runs through the Edge browser. This backdoor enables various actions including file manipulation, microphone access, and webcam capture. Two variants of the campaign have been observed, with the second variant introducing additional capabilities. The attackers utilize the browser's capabilities to evade detection and gain access to sensitive resources. The campaign shares tactics with a previously reported Laundry Bear operation, leading to a low-confidence attribution to this group.
Pulse ID: 69b934921c208cec80c35f6c
Pulse Link: https://otx.alienvault.com/pulse/69b934921c208cec80c35f6c
Pulse Author: AlienVault
Created: 2026-03-17 11:01:38
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #Browser #CyberSecurity #Edge #ICS #InfoSec #Java #JavaScript #OTX #OpenThreatExchange #RAT #RCE #Russia #UK #Ukr #Ukrainian #bot #AlienVault
L'Exploitation Silencieuse de l'Information
L'Exploitation Silencieuse de l'Information
The Attribution Vacuum
