Malware News Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware

silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,178
Content source
https://thehackernews.com/2023/12/microsoft-warns-of-malvertising-scheme.html
Microsoft has warned of a new wave of CACTUS ransomware attacks that leverage malvertising lures to deploy DanaBot as an initial access vector.

The DanaBot infections led to "hands-on-keyboard activity by ransomware operator Storm-0216 (Twisted Spider, UNC2198), culminating in the deployment of CACTUS ransomware," the Microsoft Threat Intelligence team said in a series of posts on X (formerly Twitter).
Click to expand...
"The current Danabot campaign, first observed in November, appears to be using a private version of the info-stealing malware instead of the malware-as-a-service offering," Redmond further noted.

The credentials harvested by the malware are transmitted to an actor-controlled server, which is followed by lateral movement via RDP sign-in attempts and ultimately handing off access to Storm-0216.
Click to expand...
 
  • Like
  • +Reputation
Reactions: Andy Ful, vtqhtr413, Gandalf_The_Grey and 1 other person

Similar threads

upnorth
    • +Reputation
    • Like
    • Thanks
Nitrogen Ransomware Effort Lures IT Pros via Google, Bing Ads
Replies
1
Views
1,276
News Archive
Sandbox Breaker
Sandbox Breaker
Gandalf_The_Grey
    • Like
    • +Reputation
    • Wow
Microsoft-signed malicious Windows drivers used in ransomware attacks
Replies
2
Views
850
News Archive
brambedkar59
brambedkar59
T
    • Like
Microsoft Warns of Ransomware Attacks by Iranian Phosphorus Hacker Group
Replies
0
Views
533
News Archive
TedCruz
T

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top