#ThreatLabz

gtbarry
2024-09-22

Dark Angels ransomware receives record-breaking $75 million ransom

A Fortune 50 company paid a record-breaking $75 million ransom to the Dark Angels ransomware gang, according to a report by Zscaler ThreatLabz.

The largest known ransom payment was previously $40 million.

bleepingcomputer.com/news/secu

2024-08-06

Zscaler ThreatLabz 2024 Ransomware Report shows attacks surged year-over-year, with the manufacturing sector being targeted most frequently admin-magazine.com/News/Ransom
#security #ransomware #manufacturing #healthcare #education #FinancialServices #ThreatLabz #vulnerability #zscaler

ADMIN News
2024-08-05

Low-Drama ‘Dark Angels’ Reap Record Ransoms - A ransomware group called Dark Angels made headlines this past week when it was re... krebsonsecurity.com/2024/08/lo #amerisourcebergencorporation #bleepingcomputer #brettstone-gross #alittlesunshine #databreaches #dunghillleak #ransomware #darkangels #threatlabz #cencora #zscaler #sophos #sabre #sysco

🛡 H3lium@infosec.exchange/:~# :blinking_cursor: H3liumb0y@infosec.exchange
2023-10-02

"๐Ÿฐ BunnyLoader Unleashed: The Newest Kid on the Malware Block ๐Ÿฐ"

In a recent discovery, Zscaler ThreatLabz stumbled upon a new Malware-as-a-Service (MaaS) threat named "BunnyLoader" being peddled on various forums. This nefarious service offers a plethora of malicious functionalities including downloading and executing a second-stage payload, pilfering browser credentials and system information, keylogging, and even cryptocurrency theft through clipboard manipulation. 🕵️‍♀️💻

The malware, written in C/C++, is sold for a lifetime price of $250 and is under rapid development with multiple feature updates and bug fixes. It employs various anti-sandbox techniques during its attack sequence to evade detection and has a fileless loader feature which executes further malware stages in memory. BunnyLoader's C2 panel allows the threat actor to control infected machines remotely, showcasing a list of various tasks including keylogging, credential theft, and remote command execution among others. 🛑

The detailed technical analysis reveals how BunnyLoader maintains persistence, performs anti-VM techniques, registers with the C2 server, and executes its core malicious tasks. The malware also harbors a clipper module to replace cryptocurrency addresses in a victim's clipboard with addresses controlled by the threat actor, targeting multiple cryptocurrencies like Bitcoin, Ethereum, and Monero. 🪙💸

The article is a comprehensive dive into the technical intricacies of BunnyLoader, shedding light on its modus operandi and the potential threat it poses to individuals and organizations alike.

Source: Zscaler ThreatLabz

Tags: #BunnyLoader #MalwareAsAService #CyberSecurity #ThreatAnalysis #Malware #CryptocurrencyTheft #Zscaler #ThreatLabz #InfoSec

Authors: NIRAJ SHIVTARKAR, SATYAM SINGH
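The clipper behaviour described in the post above (a wallet address in the clipboard silently replaced by an attacker-controlled address of the same coin) is easy to spot from the defender's side if you poll the clipboard. The following is an added example written for this page; it is not code from the post, from the ThreatLabz analysis, or from BunnyLoader itself. The address regexes are syntactic only (no checksum validation), the two-second swap window is an assumed tuning value, and every address and clipboard event in it is constructed.

```python
import re
from dataclasses import dataclass

# Syntactic address patterns only (no checksum validation). Assumption: these
# cover the common formats of the three coins the post names; a clipper may
# target others.
ADDRESS_PATTERNS = {
    # Legacy P2PKH/P2SH (base58, leading 1 or 3) and bech32 (bc1...)
    "BTC": re.compile(r"^(?:[13][1-9A-HJ-NP-Za-km-z]{25,34}|bc1[ac-hj-np-z02-9]{11,71})$"),
    # 20-byte account address, hex, 0x prefix
    "ETH": re.compile(r"^0x[0-9a-fA-F]{40}$"),
    # Standard (4...) or subaddress (8...), 95 base58 characters
    "XMR": re.compile(r"^[48][1-9A-HJ-NP-Za-km-z]{94}$"),
}


def classify_address(text: str):
    """Return the coin whose address syntax `text` matches, or None."""
    text = text.strip()
    for coin, pattern in ADDRESS_PATTERNS.items():
        if pattern.match(text):
            return coin
    return None


@dataclass(frozen=True)
class ClipboardSnapshot:
    ts: float   # seconds since monitoring started
    text: str   # clipboard contents at that poll


@dataclass(frozen=True)
class SwapAlert:
    coin: str
    original: str
    replacement: str
    delta: float


def detect_clipper_swaps(snapshots, max_delta: float = 2.0):
    """Flag address-to-address swaps in a sequence of clipboard polls.

    Heuristic: a user who copies a wallet address almost never replaces it
    with a *different* address of the *same* coin within a couple of seconds;
    a clipper module does exactly that right after the copy. `max_delta` is
    an assumed tuning knob, not a value taken from the analysis.
    """
    alerts = []
    prev = None
    for snap in snapshots:
        coin = classify_address(snap.text)
        if prev is not None and coin is not None:
            prev_coin = classify_address(prev.text)
            delta = snap.ts - prev.ts
            if (prev_coin == coin
                    and prev.text.strip() != snap.text.strip()
                    and 0 <= delta <= max_delta):
                alerts.append(SwapAlert(coin, prev.text.strip(), snap.text.strip(), delta))
        prev = snap
    return alerts


# Constructed sample data: syntactically valid but meaningless addresses.
USER_BTC = "1" + "A" * 33
ATTACKER_BTC = "bc1" + "q" * 39
USER_ETH_1 = "0x" + "ab" * 20
USER_ETH_2 = "0x" + "cd" * 20
USER_XMR = "4" + "B" * 94
ATTACKER_XMR = "8" + "C" * 94

SAMPLE_SNAPSHOTS = [
    ClipboardSnapshot(0.0, USER_BTC),           # user copies a BTC address
    ClipboardSnapshot(0.5, USER_BTC),           # poll: unchanged, no alert
    ClipboardSnapshot(0.7, ATTACKER_BTC),       # clipper swaps it -> alert
    ClipboardSnapshot(30.0, USER_ETH_1),        # user copies an ETH address
    ClipboardSnapshot(60.0, USER_ETH_2),        # another ETH address 30 s later: legitimate
    ClipboardSnapshot(100.0, USER_XMR),         # user copies an XMR address
    ClipboardSnapshot(100.3, ATTACKER_XMR),     # clipper swaps it -> alert
    ClipboardSnapshot(200.0, "meeting notes"),  # ordinary text, ignored
]

if __name__ == "__main__":
    for alert in detect_clipper_swaps(SAMPLE_SNAPSHOTS):
        print(f"{alert.coin}: {alert.original[:12]}... -> "
              f"{alert.replacement[:12]}... after {alert.delta:.1f}s")
```

On a real host you would feed `detect_clipper_swaps` from a clipboard poller (for example a loop around the platform clipboard API) and raise on the first alert; the same-coin check matters because a swap to an address of a different coin would fail at the wallet and is not what a clipper does.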
