BLOG CERT SOGETI ESEC

Briefing Malware - 07/09/2021

7th of September 2021 - Winners of the 36th week: Redline, Raccoon and Formbook.

Some links point to extended actionable intelligence (Threat Bulletins, TTPs, signatures, etc.) on our Threat Intelligence Platform, Anomali. This access is limited to our clients.

 

Threat statistics report

Publication date: 07/09/2021

Distribution: TLP:WHITE

What's new?

Raccoon (NC)

Malware droppers as a service

The #Sophos Security Team investigated a #Raccoon stealer campaign and found a link to a network of websites used to lure victims into clicking on cracked versions of software. The downloaded software could include #information-stealers, various #cryptominers, the #Glupteba backdoor, the #Stop ransomware, etc. Those websites are part of an underground marketplace where one can buy the services of one or more malware actors per number of downloads and/or location. #InstallBest, located in Russia, can provide a user-friendly interface that can launch a "one click" malware campaign via a deposit paid in bitcoins. Another install-as-a-service network, #InstallUSD, was spotted during the investigation. The victim is redirected through a series of servers until the wanted cracked software is downloaded.

 

https://news.sophos.com/en-us/2021/09/01/fake-pirated-software-sites-serve-up-malware-droppers-as-a-service/

 
