Gamaredon continues to target Ukraine. RedLine stealer disguised as game cheats. Emotet's place in the malware landscape. Quantum Computing Risks.

At a glance.

  • Gamaredon continues to target Ukraine.
  • RedLine stealer disguised as game cheats.
  • Emotet’s place in the malware landscape.
  • Quantum Computing Risks.

Gamaredon continues to target Ukraine.

Cisco Talos reports that the Russian threat actor Gamaredon (also known as Primitive Bear) continues to conduct espionage campaigns against Ukrainian organizations. The group uses spear-phishing emails to deliver malicious LNK files packaged in RAR archives, which in turn launch script-based loaders:

“Cisco Talos discovered Gamaredon APT activity targeting users in Ukraine with malicious LNK files distributed in RAR archives. The campaign, part of an ongoing spy operation observed as recently as August 2022, aims to deliver information-stealing malware to Ukrainian victim machines and makes heavy use of several modular PowerShell and VBScript (VBS) scripts as part of the infection chain. The infostealer is a dual-purpose malware that includes capabilities to exfiltrate specific file types and deploy additional binary and script-based payloads to an infected endpoint.”
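The chain Talos describes (LNK inside a RAR, double-clicked, handing off to PowerShell or VBS) leaves a recognisable process-creation footprint. The detector below is an added example written for this digest, not Talos code or a Talos rule; the heuristic (a script host spawned by explorer.exe from a WinRAR temporary extraction folder, or with hidden/encoded switches) and the three Sysmon-style events it runs over are constructed assumptions, not real telemetry.

```python
import re

# Script interpreters a double-clicked LNK typically hands off to.
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "wscript.exe", "cscript.exe", "mshta.exe"}

# WinRAR extracts a double-clicked archive member into %TEMP%\Rar$<letters><digits>.<digits>\
RAR_TEMP = re.compile(r"\\temp\\rar\$[a-z]+\d+\.\d+\b", re.IGNORECASE)

# Switches and cmdlets common in first-stage PowerShell loaders (assumed indicator list).
SUSPICIOUS_ARGS = re.compile(
    r"-e(nc|ncodedcommand)?\s+\S|-w(indowstyle)?\s+hidden|\biex\b|invoke-expression|"
    r"downloadstring|frombase64string|-ep\s+bypass|-nop\b",
    re.IGNORECASE,
)


def basename(path: str) -> str:
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def evaluate(event: dict) -> list[str]:
    """Return the reasons an event looks like a LNK-launched script chain.

    An empty list means no alert. Launch by explorer.exe alone is normal
    (users run their own .vbs/.ps1 files by hand), so it only counts together
    with another signal; a WinRAR temp folder is strong enough on its own.
    """
    if basename(event["Image"]) not in SCRIPT_HOSTS:
        return []
    reasons = []
    if basename(event["ParentImage"]) == "explorer.exe":
        reasons.append("script host spawned directly by explorer.exe (double-clicked shortcut)")
    in_rar_temp = bool(RAR_TEMP.search(event.get("CurrentDirectory", ""))
                       or RAR_TEMP.search(event["CommandLine"]))
    if in_rar_temp:
        reasons.append("runs from a WinRAR temporary extraction folder")
    if SUSPICIOUS_ARGS.search(event["CommandLine"]):
        reasons.append("hidden/encoded/download-and-execute command-line switches")
    return reasons if (in_rar_temp or len(reasons) >= 2) else []


# Constructed Sysmon Event ID 1 style records (not real telemetry).
EVENTS = [
    {   # scheduled admin task: not interesting
        "ParentImage": r"C:\Windows\System32\cmd.exe",
        "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
        "CommandLine": r"powershell.exe -File C:\scripts\nightly-backup.ps1",
        "CurrentDirectory": r"C:\scripts",
    },
    {   # LNK opened from inside a RAR attachment, launching a hidden encoded loader
        "ParentImage": r"C:\Windows\explorer.exe",
        "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
        "CommandLine": "powershell.exe -w hidden -nop -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQA",
        "CurrentDirectory": r"C:\Users\olena\AppData\Local\Temp\Rar$DIa4212.16871",
    },
    {   # user double-clicks their own script: explorer parent alone must not fire
        "ParentImage": r"C:\Windows\explorer.exe",
        "Image": r"C:\Windows\System32\wscript.exe",
        "CommandLine": r'"C:\Windows\System32\wscript.exe" "C:\Users\olena\Documents\rename-photos.vbs"',
        "CurrentDirectory": r"C:\Users\olena\Documents",
    },
]

if __name__ == "__main__":
    for ev in EVENTS:
        hits = evaluate(ev)
        print("ALERT" if hits else "ok   ", basename(ev["Image"]), hits)
```

The second event fires on all three signals; the first and third stay quiet, which is the point of requiring two signals before alerting on an explorer.exe parent. In production the same logic belongs in the SIEM's rule language, with the indicator list tuned to the environment.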

RedLine stealer disguised as game cheats.

Kaspersky warns that the RedLine stealer is being distributed in a malware bundle that spreads itself by posting YouTube videos with malicious links from the accounts of infected users. The researchers note that while this technique is unusual, it is achieved “using relatively unsophisticated software”:

“In addition to the payload itself, the discovered bundle is notable for its self-spreading functionality. Several files are responsible for it, which receive videos and post them to infected users’ YouTube channels along with the links to a password-protected archive with the bundle in the description. Videos advertise cheats and cracks and provide instructions on hacking popular games and software. Games mentioned include APB Reloaded, CrossFire, DayZ, Dying Light 2, F1® 22, Farming Simulator, Farthest Frontier, FIFA 22, Final Fantasy XIV, Forza, Lego Star Wars, Osu!, Point Blank, Project Zomboid, Rust, Sniper Elite, Spider-Man, Stray, Thymesia, VRChat and Walken. According to Google, the hacked channels were quickly shut down for violating the company’s Community Guidelines.”

Emotet’s place in the malware landscape.

AdvIntel researchers have observed more than 1.2 million Emotet infections since the start of 2022, with the largest share (35.7%) in the United States. They also warn that the Quantum and BlackCat ransomware groups have been using the Emotet distribution botnet since Conti shut down in June 2022. BleepingComputer adds that both AdvIntel and ESET have observed significant spikes in Emotet activity in 2022.

According to Check Point Research, however, the FormBook information stealer replaced Emotet as the most prevalent malware strain in August 2022, followed by the Agent Tesla trojan, the XMRig cryptominer, and the GuLoader downloader.

Quantum Computing Risks.

Deloitte has released the results of a survey on awareness of quantum computing cybersecurity risk. Just over half of respondents (50.2%) are aware of “harvest now, decrypt later” attacks, in which an adversary steals encrypted data today and stores it until a quantum computer capable of breaking the encryption becomes available. The exposure is to confidentiality: traffic and files protected by today's public-key key exchange, recorded now, become readable later.

26.6% of respondents said their organization has already conducted a quantum computing risk assessment, while 18.4% plan to conduct an assessment within a year.

Additionally, 27.7% of respondents said regulatory pressure would make their organization more likely to address quantum risk, while 20.7% cited internal demand for leadership “to enable cryptographic agility that can handle algorithms rendered obsolete by quantum computing”.
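A quantum risk assessment of the kind the survey asks about comes down to one inequality per asset. The triage below is an added worked example for this digest, not Deloitte's method or anything from the survey: it applies Mosca's inequality, which the page does not mention, where data is exposed to harvest-now-decrypt-later once shelf life X plus migration time Y exceeds the years Z until a cryptographically relevant quantum computer (CRQC). The inventory, the year figures and the 10-year CRQC horizon are constructed assumptions; the algorithm classes (Shor breaks RSA/DH/ECC outright, Grover only halves symmetric key strength) are standard.

```python
from dataclasses import dataclass

# Public-key schemes Shor's algorithm breaks outright.
SHOR_BROKEN = {"RSA", "DSA", "DH", "ECDH", "ECDSA", "EdDSA", "X25519", "Ed25519"}
# Symmetric ciphers whose effective key length Grover halves to an uncomfortable size.
GROVER_WEAKENED = {"AES-128", "3DES"}


@dataclass
class Asset:
    name: str
    algorithm: str            # key-exchange, signature or cipher protecting the asset
    purpose: str              # "confidentiality" or "authentication"
    shelf_life_years: float   # X: how long the protected data must stay secret
    migration_years: float    # Y: time needed to move this system to post-quantum crypto


def mosca_violated(x: float, y: float, z: float) -> bool:
    """Mosca's inequality: trouble when X + Y > Z (Z = years until a CRQC)."""
    return x + y > z


def classify(asset: Asset, years_until_crqc: float) -> str:
    if asset.algorithm in SHOR_BROKEN:
        if asset.purpose == "confidentiality":
            # Traffic recorded today is decryptable once a CRQC exists, so the
            # data's own lifetime counts against the deadline (harvest now, decrypt later).
            if mosca_violated(asset.shelf_life_years, asset.migration_years, years_until_crqc):
                return "HNDL-EXPOSED"
            return "MIGRATE"
        # A signature cannot be forged retroactively on data already verified, so
        # only the migration time has to beat the CRQC horizon.
        if mosca_violated(0, asset.migration_years, years_until_crqc):
            return "MIGRATE-URGENT"
        return "MIGRATE"
    if asset.algorithm in GROVER_WEAKENED:
        return "UPGRADE-KEY-SIZE"   # e.g. AES-128 -> AES-256
    return "OK"


def triage(inventory: list[Asset], years_until_crqc: float) -> dict[str, str]:
    return {a.name: classify(a, years_until_crqc) for a in inventory}


# Constructed inventory (assumed systems and year estimates, not survey data).
INVENTORY = [
    Asset("site-to-site VPN (IKEv2, DH group 14)", "DH", "confidentiality", 10, 3),
    Asset("public website TLS (X25519)", "X25519", "confidentiality", 0.5, 2),
    Asset("code-signing certificate (RSA-3072)", "RSA", "authentication", 0, 4),
    Asset("backup encryption (AES-128)", "AES-128", "confidentiality", 15, 1),
    Asset("archive encryption (AES-256)", "AES-256", "confidentiality", 15, 1),
]

if __name__ == "__main__":
    # Assumed CRQC horizon of 10 years; rerun with a shorter Z to see verdicts change.
    for name, verdict in triage(INVENTORY, years_until_crqc=10).items():
        print(f"{verdict:18} {name}")
```

With Z = 10 the VPN (X + Y = 13) is the only harvest-now-decrypt-later exposure, even though the website's X25519 is just as broken by Shor: session data that is stale in six months does not need to survive a CRQC. Shrinking Z to 3 turns the code-signing certificate into an urgent migration, which is the kind of sensitivity analysis the "cryptographic agility" respondents are asking for.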

