RansomHub affiliate leverages multi-function Betruger backdoor - Help Net Security

Researchers Uncover FIN7's Stealthy Python-Based Anubis Backdoor

Researchers have recently discovered a sophisticated Python-based backdoor, known as the Anubis Backdoor, deployed by the notorious cybercrime group FIN7. This advanced threat actor, active since at least 2015, has been responsible for billions of dollars in damages globally, primarily targeting the financial and hospitality sectors. The Anubis Backdoor represents a significant evolution in FIN7’s […] The post Researchers Uncover FIN7’s Stealthy…

New 'Betruger' Backdoor Linked to RansomHub Affiliate, Raising Concerns Over Federal Oversight

Security researchers have uncovered a new backdoor, ominously named 'Betruger' (German for 'imposter' or 'deceiver'), which has been deployed in a series of recent ransomware attacks. Preliminary analysis suggests a connection between Betruger and an affiliate operating within the RansomHub ransomware-as-a-service (RaaS) ecosystem.The discovery of Betruger highlights the evolving sophistication of cybercriminals and the challenges security profe…

RansomHub affiliate leverages multi-function Betruger backdoor - Help Net Security

A RansomHub affiliate is leveraging a new multi-function backdoor dubbed Betruger to perform various actions during their attacks, Symantec researchers have discovered. The Betruger backdoor The malware can take screenshots, log keystroke, scan networks, dump credentials, upload files to a command and control (C2) server, as well as be leveraged for privilege escalation. “Betruger was found while investigating an attempted attack. From there we …

RansomHub: Attackers Leverage New Custom Backdoor

Betruger backdoor being used by at least one affiliate of RansomHub.