Tuesday, May 21, 2024

ON THE BENCH 19-February 2024

A Zeus and IcedID malware mastermind has pleaded guilty to criminal charges. Vyacheslav Igorevich Penchukov (aka Vyacheslav Igoravich Andreev, father, and tank) was on the FBI’s most-wanted list before he was apprehended. The Department of Justice (DoJ) described the 37-year-old Ukrainian threat actor as the leader of two prolific malware groups. The Zeus operation resulted in the loss of millions of dollars due to the number of computers infected with the malware.

The Cactus ransomware group has attacked several companies, leading to varying degrees of damage. Below are the affected companies:

Parksite: The attack on this American company resulted in the exfiltration of 136GB of data. Parksite specializes in sales, market development, distribution services, and demand creation. The company has over 500 employees with 387 associated members and a revenue of $452.7 million.

Gocco: The attack on Gocco resulted in the exfiltration and exposure of 136GB of data. The company has a revenue of $937.9 million and over 500 employees.

SPB Global: This family business manufactures household care products, domestic cleaning products, pool products, laundry care products, personal care products, home care products, and chemical products, and improves its products through R&D. The attack on SPB Global resulted in the exfiltration and exposure of 706GB of data. The company has over 1000 employees and revenue of $937.9 million.

First Professional Services has become a victim of the BianLian ransomware group. With over 50 employees and $5 million in revenue, the company specializes in medical billing and collections, coding, auditing, and revenue cycle management.

Middle East policy experts top the list of victims targeted with the new BASICSTAR backdoor operated by Iranian hackers. According to one of the researchers, “CharmingCypress often employs unusual social-engineering tactics, such as engaging targets in prolonged conversations over email before sending links to malicious content.” Charming Kitten has a record of several crimes, including extensive social engineering. The group is also known as APT35, CharmingCypress, Mint Sandstorm, TA453, and Yellow Garuda.

Meta has warned about eight spyware firms targeting iOS, Android, and Windows devices. According to the report, the spyware can collect and access device information, location, contacts, calendar, email, SMS, photos and media, social media details, and messaging app information, and can enable microphone, camera, and screenshot functionality. Meta listed the eight companies for better awareness: TrueL IT, Protect Electronic Systems, Cy4Gate/ELT Group, RCS Labs, IPS Intelligence, Variston IT, Negg Group, and Mollitiam Industries.

Google Play Store security was defeated by the Anatsa Android trojan. The trojan not only bypasses the store's security but has also expanded its activities to Slovakia, Slovenia, and Czechia in a new campaign. Further investigation revealed that the campaign includes five droppers and 100,000 total installations. The droppers proved effective against the restricted settings for accessibility services in Android 13. One of the reports about the campaign stated, “Some of the droppers in the campaign successfully exploited the accessibility service, despite Google Play’s enhanced detection and protection mechanisms.”

B&B Electric has become one of the victims of the BianLian ransomware group. The company is known for providing reliable electrical services. It has over 500 employees and revenue of $43.1 million.


