#XynikCampaign

‘Vortax’ Meeting Software Builds Elaborate Branding, Spreads Infostealers

by

June 20, 2024 at 12:01PM A widespread campaign is targeting cryptocurrency users through fake virtual meeting software, Vortax, delivering infostealing malware such as Rhadamanthys, Stealc, and Atomic. The threat actor “Markopolo” is linked to this campaign, posing as a legitimate software company but actually engaging in credential harvesting. This campaign highlights an increased focus on … Read more

Russia’s Turla APT Abuses MSBuild to Deliver TinyTurla Backdoor

by

May 21, 2024 at 10:59AM A Russia-linked APT group is deploying the TinyTurla backdoor via a campaign that uses socially engineered emails and fileless payload. The campaign targets individuals and entities in the Philippines, with the TinyTurla backdoor connected to the long-running Russia-sponsored threat actor, Turla. The attackers impersonate legitimate authorities and employ sophisticated techniques … Read more