Tracking the FBI’s Most Wanted: “RedLine” Info-Stealer Creator Maxim Rudometov
A coalition of international law enforcement agencies has been investigating the creator and distributor of the notorious infostealer variant RedLine in an operation codenamed “Operation Magnus.” RedLine, a MaaS (Malware-as-a-Service), has stolen sensitive data from millions of users worldwide, including credit card information, browser history, autofill form data, emails, and passwords. Active since 2020, RedLine […]
Malicious PyPI crypto pay package aiocpa implants infostealer code
Executive Summary ReversingLabs’ machine learning-based threat hunting system detected malicious code in a legitimate looking package, aiocpa, last week that was engineered to compromise crypto currency wallets. RL then reported the malicious package to the Python Package Index (PyPI) to be taken down, and the PyPI team then published their own blog about the package. Shortly after, researchers at […]
Meeten Malware: A Cross-Platform Threat to Crypto Wallets on macOS and Windows
Cado Security Labs have identified a new sophisticated scam targeting people who work in Web3. The campaign includes crypto stealer Realst that has both macOS and Windows variants, and has been active for around four months. The threat actors behind the malware have set up fake companies using AI to make them increase legitimacy. The […]
Hudson Rock Launches CavalierGPT: The First Comprehensive Infostealer Intelligence AI Bot (Free)
December 10, 2024 – Hudson Rock, a leader in cybercrime intelligence, is proud to announce the official launch of CavalierGPT, the industry’s first AI-powered bot dedicated to providing comprehensive intelligence on infostealer malware. CavalierGPT leverages Hudson Rock’s vast database of stolen data and insights into infostealer operations to deliver instant, actionable intelligence for cybersecurity teams […]
Hudson Rock Announces First Comprehensive Infostealers AI Bot: CavalierGPT
Hudson Rock is thrilled to announce the launch of CavalierGPT, the first-ever Infostealer Intelligence AI Bot designed to empower researchers with free access to data associated with Infostealer infections. CavalierGPT retrieves and curates information from various Hudson Rock endpoints, enabling investigators to delve deeper into cybersecurity threats with unprecedented ease and efficiency. We are excited […]
Massive MOVEit Vulnerability Breach: Hacker Leaks Employee Data from Amazon, McDonald’s, HSBC, HP, and Potentially 1000+ Other Companies
Written by Alon Gal A person operating under the username Nam3L3ss has exploited a critical vulnerability in MOVEit, a file transfer software, exposing extensive employee data from prominent companies worldwide. The vulnerability, known as CVE-2023–34362, has led to one of the most substantial leaks of corporate information this year, affecting various sectors, including finance, healthcare, […]
Threat actors use copyright infringement phishing lure to deploy infostealers
Phishing email campaign targets Taiwan Talos observed an unknown threat actor conducting a malicious phishing campaign targeting victims in Taiwan since at least July 2024. The campaign specifically targets victims whose Facebook accounts are used for business or advertising purposes. The initial vector of the campaign is a phishing email containing a malware download link. […]
Mnemonic Security Podcast – Infostealers
In this new episode of the mnemonic security podcast, Robby Peralta is joined by Leonid Rozenberg, a cybersecurity expert and dark web researcher at Hudson Rock, to discuss infostealers. Rozenberg provides a brief history of infostealers, which began with Zeus in 2007, a malware initially designed to steal only banking information. Today, infostealers have evolved […]
Schneider Electric Hacked and Blackmailed Following Lumma Infostealer Infection
Free Infostealer Intelligence Tools by Hudson Rock – www.hudsonrock.com/free-tools On November 4th, Schneider Electric acknowledged a data breach in which hackers stole 40GB of data from the company’s Jira server. “Schneider Electric is investigating a cybersecurity incident involving unauthorized access to one of our internal project execution tracking platforms which is hosted within an isolated […]
Law Enforcement Hacked Infrastructure of Redline and Meta Infostealers (Operation Magnus)
*Not fully confirmed yet According to the website which was discovered through Redline related Telegram channels, law enforcement was able to hack the infrastructure of Redline and Meta Infostealers and obtain critical data With the message being that more information is to come In addition, law enforcement attached the following video: Update: Security researcher g0njxa […]
Threat Actors Push ClickFix Fake Browser Updates Using Stolen Credentials
Key findings Overview The GoDaddy Security team is tracking a new variant of ClickFix (also known as ClearFake) fake browser update malware that is distributed via bogus WordPress plugins. These seemingly legitimate plugins are designed to appear harmless to website administrators but contain embedded malicious scripts that deliver fake browser update prompts to end-users. This technique leverages social […]
Largest Retail Breach in History: 350 Million “Hot Topic” Customers’ Personal & Payment Data Exposed — As a Result of Infostealer Infection
Disclaimer: Hudson Rock does not insinuate or imply responsibility or liability on behalf of any parties mentioned herein. The content is intended solely for informational purposes and reflects our findings at the time of publication. Hudson Rock disclaims any responsibility for how this information regarding Infostealer Infection may be interpreted or used by others. Update […]
