X-Industry

evilproxy (2)

Weekly Cyber Intel Report - All Sector 09 16 2022

Activity Summary - Week Ending on 16 September 2022:

Red Sky Alliance identified 46,287 connections from new IP’s checking in with our Sinkholes
hetzner[.]de in Finland hit 28x
Analysts identified 3,147 new IP addresses participating in various Botnets
Nomad Crypto
EvilProxy
Albania
US – New York
Kiwi Farms
Russia
Industrial Espionage

Link to full report: IR-22-259-001_weekly259.pdf

EvilProxy Now Available for Purchase

A new Phishing-as-a-Service (PhaaS) named EvilProxy (also known as Moloch) was seen for sale in dark web forums, according to researchers. Moloch ransomware is a computer virus infection that encrypts all personal victim files on an affected device and demands a ransom for unlocking them. This file-locking parasite belongs to a relatively small Makop ransomware family compared to others, such as Djvu or Dharma.

EvilProxy actors are using reverse proxy and cookie injection methods to bypass 2FA

#xg { position:relative;top:120px; } #xn_bar { top:120px; }

Hello, you need to enable JavaScript to use Red Sky Alliance.

Please check your browser settings or contact your system administrator.

Activity Summary - Week Ending on 16 September 2022:

Note: this page contains paid content.