CryptBot Facts:
CryptBot Infostealer Constantly Changing and Being Distributed
CryptBot Info-stealer Malware Being Distributed in Different Forms
CryptBot is one of the most actively-changing malware with its distribution pages constantly being newly-created.
When the user clicks the download button in a post disguised as a cracks and tools sharing website created by the attacker, the user is redirected multiple times, ultimately redirected to the distribution page, and new types of such redirections are constantly being created.
Sign Up For Threat Alerts
Aug 04, 2022
Google Drive And Dropbox Used By APT29...
Cloaked Ursa (aka: APT29) has been targeting governmental entities in several countries with spear-phishing campaigns...
Aug 03, 2022
Manjusaka: A Chinese sibling of Sliver and...
Cisco Talos recently discovered a new attack framework called "Manjusaka" being used in the wild...
Aug 03, 2022
macOS Targeted With The CloudMensis Multi-Staged Malware
ESET researchers discovered a previously unknown macOS backdoor that spies on users of the compromised...
Aug 01, 2022
Attackers Target Ukraine With GoMet Backdoor
Since the Russian invasion of Ukraine began, Ukrainians have been under a nearly constant barrage...
Jul 31, 2022
Untangling KNOTWEED: European private-sector offensive actor using...
The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) found a...
Jul 31, 2022
Untangling KNOTWEED: European private-sector offensive actor using...
The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) found a...
Jul 26, 2022
EvilNum Targets Cryptocurrency, Forex, Commodities
Proofpoint Threat Research observed the group Proofpoint calls TA4563 targeting various European financial and investment...
Jul 25, 2022
Lightning Framework: New Undetected “Swiss Army Knife”...
Lightning is a previously undocumented and undetected Linux threat. Lightning is a modular framework we...
Jul 24, 2022
Redeemer Ransomware
Redeemer 2.0 Being Distributed Via Affiliate Program Cyble Research Labs has constantly been tracking emerging...
Jul 21, 2022
Cobalt Strikes again: UAC-0056 continues to target...
The Malwarebytes Threat Intelligence team recently reviewed a series of cyber attacks against Ukraine that...
Jul 20, 2022
Trello From the Other Side: APT29 Phishing...
Beginning mid-January 2022, Mandiant detected and responded to an APT29 phishing campaign targeting a diplomatic...
Jul 18, 2022
New OrBit Linux Malware That Hijacks Execution...
New and entirely undetected Linux threat dubbed OrBit, signally a growing trend of malware attacks...
Jul 18, 2022
North Korean threat actor targets small and...
A group of actors originating from North Korea that Microsoft Threat Intelligence Center (MSTIC) tracks...
Jul 13, 2022
ChromeLoader – New Stubborn Malware Campaign
A new browser hijacker/adware campaign named ChromeLoader (also known as Choziosi Loader and ChromeBack) was...
Jul 13, 2022
Raspberry Robin Worm Abuses Windows Installer and...
The Cybereason team is investigating a series of recent infections with the Raspberry Robin campaign,...