
Ransomware Threat Report Q2-2021

This blog showcases Cyble’s research on the most active ransomware groups in Quarter 2 2021. The Conti ransomware group has been responsible for the highest number of attacks.


Android App Disguised as a QR scanner, Spreads Joker Variant Trojan

Joker malware performs the functions of spyware or a Trojan: it signs a user up for a premium subscription and downloads the infection application from the threat actor’s command-and-control server to the unsuspecting user’s device. Generally, this type of malware is quite undetectable. It works by extracting SMS details and other personal information from the user’s device by displaying ads that interact with advertisement sites. Some of the primary information that the malware can steal from the victim’s device includes: text messages, device …



Indonesia Under Sophisticated Cyberattacks: A Deep-dive Analysis of Threat Actors Targeting the Indonesian Ecosystem

On May 12, 2021, more than 200M personally identifiable information (PII) records of Indonesians were found to have been stolen and sold on RaidForums, contributing to a succession of cybercrime events. The lack of data protection standards and of enforcement of security regulations is making the situation worrisome. In the recent incident, a threat actor (TA) with the alias ‘Kotz’ claimed, in a post on the cybercrime forum, to be in possession of the personal data of 279 million Indonesian citizens, both alive and dead. The actor claimed …
