Watch out, there’s a new malvertising scheme spreading dangerous ransomware

0
12

Cybercriminals known as Twisted Spider (AKA Storm-0216) were observed using the services of Storm-1044, which infected target endpoints with an initial access trojan called DanaBot. Twisted Spider would then use this access to deploy the CACTUS ransomware.

In a Twitter thread, Microsoft security researchers said Storm-0216 was known for leveraging QakBot’s infrastructure for infections, but since law enforcement dismantled this operation last summer, the group was forced to pivot to a different platform. 

LEAVE A REPLY

Please enter your comment!
Please enter your name here