Fake Zoom Ends in BlackSuit Ransomware
#D3F@ckloader #IDATLoader #SecTopRAT
https://thedfirreport.com/2025/03/31/fake-zoom-ends-in-blacksuit-ransomware/
There's Something About CryptBot: Yet Another Silly Stealer (YASS)
#MustardSandwich #YetAnotherSillyStealer #IDATLoader #NetSupportRAT
https://intezer.com/blog/research/cryptbot-yet-another-silly-stealer-yass/
Stories from the SOC Part 2: MSIX Installer Utilizes Telegram Bot to Execute IDAT Loader
#IDATLoader #SecTopRAT
https://www.rapid7.com/blog/post/2024/04/10/stories-from-the-soc-part-2-msix-installer-utilizes-telegram-bot-to-execute-idat-loader/
In part two of the blog series, Rapid7 provides a technical analysis of the typosquatted malvertising, the PowerShell scripts, the RAR contents, and the IDAT Loader. IOCs are provided. 🔗 https://www.rapid7.com/blog/post/2024/04/10/stories-from-the-soc-part-2-msix-installer-utilizes-telegram-bot-to-execute-idat-loader/
Rapid7 published a blog post (the first of a two-part series) presenting a case study of IDAT Loader malware distributed via a FakeUpdates campaign. The final payload is a Brute Ratel C4 badger. Rapid7 describes the attack chain, provides a technical analysis of the IDAT Loader, and lists IOCs, MITRE ATT&CK TTPs, and the sandbox usernames and analysis tools the loader checks for. 🔗 https://www.rapid7.com/blog/post/2024/03/28/stories-from-the-soc-part-1-idat-loader-to-bruteratel/