Ole Villadsen – WindowsTechs.com

Email campaigns leverage updated DBatLoader to deliver RATs, stealers

Posted on September 12, 2023 by Ole Villadsen

IBM X-Force has identified new capabilities in DBatLoader malware samples delivered in recent email campaigns, signaling a heightened risk of infection from commodity malware families associated with DBatLoader activity. Explore the analysis.

The post Email campaigns leverage updated DBatLoader to deliver RATs, stealers appeared first on Security Intelligence.

Continue reading Email campaigns leverage updated DBatLoader to deliver RATs, stealers→

Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine

Posted on July 7, 2022 by Ole Villadsen

Following ongoing research our team, IBM Security X-Force has uncovered evidence indicating that the Russia-based cybercriminal syndicate “Trickbot group” has been systematically attacking Ukraine since the Russian invasion — an unprecedented shift as the group had not previously targeted Ukraine. Between mid-April and mid-June of 2022 the Trickbot group, tracked by X-Force as ITG23 and […]

The post Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine appeared first on Security Intelligence.

Continue reading Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine→

Trickbot Rising — Gang Doubles Down on Infection Efforts to Amass Network Footholds

Posted on October 13, 2021 by Ole Villadsen

IBM X-Force has been tracking the activity of ITG23, a prominent cybercrime gang also known as the TrickBot Gang and Wizard Spider. Researchers are seeing an aggressive expansion of the gang’s malware distribution channels, infecting enterprise users with Trickbot and BazarLoader. This move is leading to more ransomware attacks — particularly ones using the Conti […]

The post Trickbot Rising — Gang Doubles Down on Infection Efforts to Amass Network Footholds appeared first on Security Intelligence.

Continue reading Trickbot Rising — Gang Doubles Down on Infection Efforts to Amass Network Footholds→

ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework

Posted on April 7, 2020 by Ole Villadsen

Financially motivated, adaptable, sophisticated and persistent, the ITG08 threat group is likely to remain one of the most potent cybercriminal groups in this new decade.

The post ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework appeared first on Security Intelligence.

Continue reading ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework→

More_eggs, Anyone? Threat Actor ITG08 Strikes Again

Posted on August 29, 2019 by Ole Villadsen

Reading Time: 14 minutes X-Force IRIS observed ITG08, which has historically targeted POS machines in the retail and hospitality sectors, injecting malicious code into online checkout pages to steal payment card data.

The post More_eggs, Anyone? Threat Actor ITG08 Strikes Again appeared first on Security Intelligence.

Continue reading More_eggs, Anyone? Threat Actor ITG08 Strikes Again→