Source

Organized Cyber-Crime
[Conti] Ransomware Group In-Depth Analysis

PRODAFT Threat Intelligence (PTI) Team has obtained valuable insights on the inner workings of the Conti ransomware group. The PTI team accessed Conti’s infrastructure and identified the real IP addresses of the servers in question. This report provides unprecedented detail into the way the Conti ransomware gang works, how they select their targets,...

Botnet
[SOLARMARKER] In-Depth Analysis Report

The PRODAFT Threat Intelligence (PTI) team has assembled this report to provide in-depth knowledge about Solarmarker malware and the threat actors behind it. Solarmarker is a multipurpose backdoor first discovered sometime around September 2020. This report brings new, exclusive information about Solarmarker C&C infrastructure to the...

Botnet
[TODDLER] Mobile Banking Botnet Analysis Report

Starting from the second half of 2020, the PRODAFT Threat Intelligence ("PTI") team witnessed a rising trend of mobile banking malware attacks against European countries, primarily targeting customers of banking institutions based in Spain, Germany, Switzerland, and the Netherlands. Toddler is considered to be an important example of this trend in term...

Organized Cyber-Crime
[LOCKBIT] Behind The Lines of LockBit R.a.a.S.

PRODAFT Threat Intelligence (also known as "PTI") Team has analyzed critical LockBit ransomware infrastructure and gained in-depth knowledge about the threat actors who operate LockBit ransomware. The PTI team was able to decrypt most of the LockBit victims and uncovered the inner workings of a semi-automated R.a.a.S. platform. Our report includes...

Cyber Espionage
[SILVERFISH] Global Cyber Espionage Campaign Case Report

The PRODAFT Threat Intelligence (PTI) Team has uncovered a global cyber-espionage campaign, which has strong ties with the SolarWinds attack and EvilCorp. Victims include dozens of Fortune 500 companies, a three-letter US organization, and various ministries/departments (from the U.S. and the E.U.) which have previously admitted being breache...

Organized Cyber-Crime
[FLUBOT] New Massive Mobile Malware Ring Targeting Europe

PRODAFT Threat Intelligence (also known as "PTI") Team has just uncovered a massive banking malware operation which primarily targets banking users in Spain. According to our findings, this new operation (referred to as "FluBot") sets a new precedent of spreading methods and DGA implementations. Currently, the malware has collected more than -11 Mil...

Botnet
[BRUNHILDA] DaaS Malware Analysis Report

This report is based on an analysis of the Brunhilda dropper service, which was detected by the PRODAFT Threat Intelligence (PTI) Team. Brunhilda is a dropper service that utilizes the Google Play Store to distribute various malware. While cybercrime groups tend to start operating as MaaS businesses, currently there is an upward trend of DaaS (Drop...