New IDAT Loader Attacks Using Steganography to Deploy Remcos RAT

February 26, 2024 at 10:45AM

Ukrainian entities based in Finland are targeted in a malicious campaign distributing the Remcos RAT using the IDAT Loader. The attack utilizes steganography and has been attributed to the threat actor UAC-0184. Other loaders like Hijack Loader have been used to distribute additional payloads. CERT-UA disclosed a phishing campaign involving …

Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware

December 4, 2023 at 12:00AM

Microsoft warns of CACTUS ransomware spreading through malvertising, with DanaBot deployed for initial access, leading to attacks by the Storm-0216 group. DanaBot's usage follows law enforcement disrupting QakBot. Recent attacks also exploit Qlik Sense vulnerabilities, and a new macOS ransomware called Turtle has emerged.