Experts Uncover New Evasive SquidLoader Malware Targeting Chinese Organizations

June 20, 2024 at 02:39AM Cybersecurity researchers have uncovered a new evasive malware loader named SquidLoader, targeting Chinese organizations through phishing campaigns. The loader uses various evasion techniques and can deliver second-stage shellcode payloads. Meanwhile, other loaders like Taurus Loader and PikaBot continue to evolve, presenting challenges for detection and mitigation. A law enforcement effort …

PikaBot Resurfaces with Streamlined Code and Deceptive Tactics

February 13, 2024 at 09:39AM The PikaBot malware has evolved with significant changes, simplifying its code and network communications, making it more accessible for threat actors. With ongoing development, it remains a significant cyber threat. Additionally, a cloud account takeover campaign targeting Microsoft Azure environments has compromised hundreds of user accounts. Source: Newsroom Cyber Threat/Malware. …

Black Basta-Affiliated Water Curupira’s Pikabot Spam Campaign

January 12, 2024 at 12:11AM Pikabot malware, associated with the Water Curupira intrusion set, was used in phishing campaigns through 2023. Similar to Qakbot, it consists of a loader and core module enabling unauthorized access. The campaigns targeted victims via spam emails with malicious attachments, evolving to include a PDF file delivery method. Organizations are …

New Malvertising Campaign Distributing PikaBot Disguised as Popular Software

December 19, 2023 at 06:33AM The PikaBot malware loader, previously distributed through malspam campaigns, has now been linked to malvertising targeting users seeking software like AnyDesk. It operates as a backdoor, enabling unauthorized remote access and delivery of other malicious tools. PikaBot is employed by threat actors, including TA577, using sophisticated techniques to evade detection …

DarkGate and PikaBot Malware Resurrect QakBot’s Tactics in New Phishing Attacks

November 20, 2023 at 10:12AM Phishing campaigns using DarkGate and PikaBot malware are utilizing tactics previously seen with QakBot trojan attacks. The malware families have similarities in distribution methods and behaviors to QakBot. DarkGate has advanced evasion techniques and remote control capabilities, while PikaBot can deliver additional payloads. The attacks target various sectors, spreading through …