Pierluigi Paganini January 23, 2022
Molerats cyberespionage group uses public cloud services as attack infrastructure

Cyberespionage group Molerats has been observed abusing legitimate cloud services, like Google Drive and Dropbox as attack infrastructure. Zscaler ThreatLabz analyzed an active espionage campaign carried out by Molerats cyberespionage group (aka TA402, Gaza Hackers Team, Gaza Cybergang, and Extreme Jackal) that abuses legitimate cloud services like Google Drive and Dropbox as attack infrastructure. Public […]

Pierluigi Paganini June 18, 2021
The return of TA402 Molerats APT after a short pause

TA402 APT group (aka Molerats and GazaHackerTeam) is back after two-month of silence and is targeting governments in the Middle East. The TA402 APT group (aka Molerats and Gaza Cybergang) is back after a two-month of apparent inactivity, it is targeting government institutions in the Middle East and global government entities with interest in the region. MoleRATs is […]

Pierluigi Paganini June 08, 2014
FireEye detected Molerats attacks on a large scale based on Xtreme RAT

FireEye Labs recently identified several new Molerats attacks based on Xtreme RAT targeting US financial institutions and European government organizations. FireEye experts between 29 April and 27 May have identified several new Molerats attacks targeting organizations across the globe. European government organizations, at least one U.S. financial institution and other private entities were hit by cyber […]

Pierluigi Paganini August 25, 2013
Poison Ivy still alive, old malware new cyber threats – FireEye report

Security vendor FireEye has published a detailed analysis on the popular Poison Ivy RAT, releasing also a set of tools to analyze infections. Security firm FireEye published an interesting analysis on the popular malware Poison Ivy, a remote access trojan (RAT) used in RSA SecurID attack. Poison IVY was also used in the 2011 Nitro […]