The Cluster25 Blog
Conti’s Source Code: Deep Dive
By Cluster25 Threat Intel Team, March 2, 2022
INTRODUCTION: On 25.02.2022 cybercrime group Conti published the following statement on their shame blog:
Ukraine: Analysis of the new disk-wiping malware (HermeticWiper)
By Cluster25 Threat Intel Team, February 24, 2022
Very recently a new type of destructive malware named by the security community “HermeticWiper” was used to attack organizations
2021 Ransomware Bulletin: Recent, Past and Near Future of Cyber Extortion
By Cluster25 Threat Intel Team, January 12, 2022
This past year 2021 was characterized by an increase in ransomware incidents, not only in
North Korean Group “KONNI” Targets the Russian Diplomatic Sector with new Versions of Malware Implants
By Cluster25 Threat Intel Team, January 3, 2022
Cluster25 analyzed a recent attack linked to the North Korean APT group
Dharma/Crysis: Overview and Adversary Tracking
By Cluster25 Threat Intel Team, September 17, 2021
Dharma, a family of ransomware first spotted in 2016, is a malicious program that encrypts a victim’s files and takes as hostage
A RattleSnake in the Navy
By Cluster25 Threat Intel Team, September 10, 2021
Recent geopolitical events are leading to an increase in cyber operations in the Central Asian region. Among the actors involved in these