Discover and read the best of Twitter Threads about #BitPaymer
Most recents (3)
🧵The latest Threat Landscape Update from @RelativityHQ’s Calder7 security team focuses on Evil Corp and its new Macaw Locker #ransomware that is being used to evade U.S. sanctions which previously prevented victims from paying ransoms. (1/7) #CyberSecurity #Legaltech
Background: Evil Corp, also known as Indrik Spider, Gold Drake, and Dridex gang, is an international cybercrime network that has stolen over $100 million USD in over 40 countries through a variety of attacks on banking institutions (2/7)
The group also dabbles in #ransomare, including their notorious #BitPaymer operation which utilized Dridex malware to attack compromised networks and subsequently led to sanctions from the US Treasury in 2019: home.treasury.gov/news/press-rel… (3/7)
1/6
Based on the evidence published, some bullets in Everis case:
#Ryuk not was involved, the ransome note is different.
#Ryuk/#Bitpaymer take long time to been deployed.
#Ryuk has been saw in combination of #Emotet->#Trickbot.
Based on the evidence published, some bullets in Everis case:
#Ryuk not was involved, the ransome note is different.
#Ryuk/#Bitpaymer take long time to been deployed.
#Ryuk has been saw in combination of #Emotet->#Trickbot.
2/6
0day Bonjour Updater
Oct 10, Morphisec published “the abuse of an Apple zero-day vulnerability in the Apple Software Update utility that comes packaged with iTunes for Windows” , related with #Bitpaymer adversaries.
0day Bonjour Updater
Oct 10, Morphisec published “the abuse of an Apple zero-day vulnerability in the Apple Software Update utility that comes packaged with iTunes for Windows” , related with #Bitpaymer adversaries.
3/6
BlueKeep
Over the weekend @GossiTheDog, report that his honeypot saw activity related with Bluekeep, working with @MalwareTechBlog they found that the final payload is a #MoneroMiner. Some IOC's shared today are related with this activity.
BlueKeep
Over the weekend @GossiTheDog, report that his honeypot saw activity related with Bluekeep, working with @MalwareTechBlog they found that the final payload is a #MoneroMiner. Some IOC's shared today are related with this activity.
