⚠️ WarmCookie resurfaces with stealth handlers Malware reappears after takedown; new variant adds stealthy handlers and uses expired C2 TLS certificates to evade detection, strengthen persistence, and complicate tracking. #ransomNews #WarmCookie #Malware
Operation Endgame 2: 15 million e-mail addresses and 43 million passwords

During "Operation Endgame 2.0", many millions of victims' addresses and passwords came to light. Have I Been Pwned has added them.

heise online
Operation Endgame 2.0: 20 arrest warrants, hundreds of servers taken out of action

The BKA, Europol and other international law enforcement agencies continue to take action against malware. Arrest warrants and indictments were issued against more than 20 actors.

heise online

🔥 Operation Endgame is BACK! This time targeting #BumbleBee, #Latrodectus, #DanaBot, #WarmCookie, #Qakbot and #Trickbot!

Once again this is a HUGE win, with a truly international effort! 💪

As with phase one of #OperationEndgame, Spamhaus are providing remediation support - those affected will be contacted in due course with steps to take.

For more information, read our write-up here:
👉 https://www.spamhaus.org/resource-hub/malware/botnets-disrupted-worldwide-operation-endgame-is-back/

Malware | Operation Endgame 2.0 | Botnets disrupted after international action | Resources

Operation Endgame is back - in this post, get details of the take-down itself and Spamhaus’ role in victim account remediation.

The Spamhaus Project

Super excited to share research that we just published related to activity associated with #TA866 #AsylumAmbuscade since 2021 as well as links to recent #WarmCookie/#BadSpace activity. Check it out!

https://blog.talosintelligence.com/highlighting-ta866-asylum-ambuscade/

We also did a comparative analysis of the code execution flow in #Resident backdoor and #WarmCookie and took a look at recent changes in #WarmCookie functionality!

https://blog.talosintelligence.com/warmcookie-analysis/

Highlighting TA866/Asylum Ambuscade Activity Since 2021

TA866 (also known as Asylum Ambuscade) is a threat actor that has been conducting intrusion operations since at least 2020.

Cisco Talos Blog

New WarmCookie malware spreads via fake browser updates in France

A new cyberattack campaign, known as 'FakeUpdate', targets users in France by means of fake browser and application updates. Deze upda

Tech Nieuws

New Warmcookie Windows Backdoor pushed via Fake Job Offers.

A never-before-seen Windows malware named 'Warmcookie' is distributed through fake job offer phishing campaigns to breach corporate networks. Warmcookie is capable of extensive machine fingerprinting, screenshot capturing and the deployment of additional payloads.

https://www.elastic.co/security-labs/dipping-into-danger

#warmcookie #microsoft #windows #os #backdoor #fake #job #offers #it #security #privacy #tech #engineering #news

Dipping into Danger: The WARMCOOKIE backdoor — Elastic Security Labs

Elastic Security Labs observed threat actors masquerading as recruiting firms to deploy a new malware backdoor called WARMCOOKIE. This malware has standard backdoor capabilities, including capturing screenshots, executing additional malware, and reading/writing files.

WarmCookie sounds cozy & sweet -- but it's malware that grabs victim info, spies on victims and can drop ransomware. What you need to know: https://informatech.co/4cd93WQ #WarmCookie
WarmCookie Gives Cyberattackers New Backdoor for Initial Access

The fresh-baked malware is being widely distributed, but still targets individuals with tailored lures. It's poised to evolve into a bigger threat, researchers warn.