The technical article below from Palo Alto Networks focuses on the newly released BunnyLoader 3.0, a historical observation of BunnyLoader infrastructure, and an overview of its capabilities. BunnyLoader is dynamically developing malware that can steal information, credentials, and cryptocurrency and deliver additional malware to its victims. In an increasingly cutthroat market, cybercriminals must regularly update and retool their malware to compete with other cybercriminals, security tools,
maas (4)
The operators of the infamous Raccoon malware announced their return this week after a six-month hiatus from hacker forums following the arrest of an administrator. "We are happy to return with new strength and understanding of our mistakes," they said in a statement.
Raccoon is a highly popular info-stealing malware-as-a-service sold on dark web forums. It has been praised for its simplicity and customization. The malware targets popular browsers and desktop cryptocurrency wallets to steal
The Godfather Android banking trojan has been observed targeting over 400 banking and crypto applications in 16 countries. Godfather was initially observed in June 2021 and is believed to be the successor of the Anubis banking trojan, likely built on top of the Anubis source code that leaked in 2019. Compared to Anubis, Godfather features updated command-and-control (C&C) communication and implementation, a modified traffic encryption algorithm, a new module for managing virtual network computi
Cyber threat actors are introducing new services to expand their “Client” base. The Pay-per-Install (PPI) distribution model is based on revenue sharing and commissions. The PPI model was initially used to distribute advertisements but has since transitioned to installing malware. Malware authors do not have the resources or bandwidth to spread their malware on a large scale. Instead, they can rely on a network of affiliates, who distribute the malware, and in return get paid a commission for every