

Security researchers have started seeing attack campaigns that use a relatively new malware-as-a-service (MaaS) tool called AresLoader. The malicious program appears to be developed and used by several members of a pro-Russia hacktivist group and is typically distributed inside decoy installers for legitimate software. Security researchers from threat intelligence firm Intel 471 first spotted AresLoader in November when it was advertised by a user with the monikers AiD Lock and DarkBLUP on Telegram and two well-known underground forums. AiD Lock is not a newcomer to malware development and was previously associated with the AiD Locker ransomware-as-a-service (RaaS) program as well as with a group called PHANTOM DEV or DeadXInject Hack.
