Cobalt Group Uses New Version of ThreadKit Malware

Kacy Zurkus | December 17, 2018

According to Fidelis Cybersecurity, researchers have discovered a new version of ThreadKit, malware known to be used by Cobalt Group, first identified in 2016. In the recently released report, Fidelis threat research analysts found that, despite reported arrests, Cobalt Group remains active and is using a new version of ThreadKit, a macro delivery framework sold and used by numerous actors and groups. In addition, researchers identified CobInt, a loader and backdoor framework used for profiling systems.

The threat group had largely been targeting banks in Eastern Europe using phishing emails with malicious PDF attachments that allowed the group to steal more than $32,000 from multiple ATMs in an overnight attack.

“The group has since built a reputation for their highly targeted, network intrusion methods. They expanded their geographical target area out of Eastern Europe, to include North America, South America and Western Europe as well as expanded their targets from banks, to also include supply chain companies, financial exchanges, investment funds, and lenders,” wrote Jason Reaves, Fidelis threat research principal engineer, in a blog post.

Prior to Interpol reportedly arresting the group’s leader in March 2018, it was estimated that the threat actors had pilfered as much as $1.2 billion from banks across 40 different countries.
