#WaterCurupira

Black Basta-Affiliated Water Curupira’s Pikabot Spam Campaign

by

January 12, 2024 at 12:11AM Pikabot malware, associated with the Water Curupira intrusion set, was used in phishing campaigns through 2023. Similar to Qakbot, it consists of a loader and core module enabling unauthorized access. The campaigns targeted victims via spam emails with malicious attachments, evolving to include a PDF file delivery method. Organizations are … Read more

Pikabot Malware Surfaces As Qakbot Replacement for Black Basta Attacks

by

January 10, 2024 at 11:35AM The emerging threat actor, Water Curupira, is using a new, sophisticated loader in thread-jacking phishing campaigns, signaling a precursor to ransomware attacks. Based on the meeting notes, it seems that an emerging threat actor named Water Curupira is using a new and sophisticated loader in thread-jacking phishing campaigns that are … Read more