ABOUT

VISIT SENTINELONE.COM

Crimeware

AkiraBot Ftr

AkiraBot | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale

Alex Delamotte & Jim Walter / April 9, 2025

AkiraBot uses OpenAI to generate custom outreach messages to spam chat widgets and website contact forms at scale.

Cybervolk V2 Ftr

CyberVolk | A Deep Dive into the Hacktivists, Tools and Ransomware Fueling Pro-Russian Cyber Attacks

Jim Walter / November 25, 2024

A loose collective of mostly low-skilled actors, CyberVolk absorbs and adapts a wide array of destructive malware for use against political targets.

Kryptina Desert Ftr

Kryptina RaaS | From Unsellable Cast-Off to Enterprise Ransomware

Jim Walter / September 23, 2024

Kryptina's adoption by Mallox affiliates complicates malware tracking as ransomware operators blend different codebases into new variants.

Xeon Dive Bg

Xeon Sender | SMS Spam Shipping Multi-Tool Targeting SaaS Credentials

Alex Delamotte / August 19, 2024

Cloud attack tool has been repurposed by multiple threat actors to push SMS spam and smishing campaigns through major SaaS providers.

NullBulge Ransomware Threat Actor Masquerades As Hacktivist Group Rebelling Against AI2

NullBulge | Threat Actor Masquerades as Hacktivist Group Rebelling Against AI

Jim Walter / July 16, 2024

Actors are masquerading as hacktivists targeting AI-centric communities with commodity malware and customized LockBit payloads.

SNS Sender Active Campaigns Unleash Messaging Spam Through The Cloud 3

SNS Sender | Active Campaigns Unleash Messaging Spam Through the Cloud

Alex Delamotte / February 15, 2024

Threat actors leverage cloud services to conduct massive smishing campaign through AWS Simple Notification Service.

Exploring FBot Python Based Malware Targeting Cloud And Payment Services 6

Exploring FBot | Python-Based Malware Targeting Cloud and Payment Services

Alex Delamotte / January 11, 2024

FBot arms threat actors with a multi-function attack tool designed to hijack cloud, Saas and web services.

Cloudy With A Chance Of Credentials AWS Targeting Cred Stealer Expands To Azure GCP 9

Cloudy With a Chance of Credentials | AWS-Targeting Cred Stealer Expands to Azure, GCP

Alex Delamotte / July 13, 2023

Cloud credentials stealing campaign expands to target Azure and Google Cloud via unpatched web app vulnerabilities.

Hypervisor Ransomware Multiple Threat Actor Groups Hop On Leaked Babuk Code To Build ESXi Lockers

Hypervisor Ransomware | Multiple Threat Actor Groups Hop on Leaked Babuk Code to Build ESXi Lockers

Alex Delamotte / May 11, 2023

Availability of leaked Babuk source code is fuelling a proliferation of file lockers targeting VMware ESXi.

IceFire Ransomware Returns Now Targeting Linux Enterprise Networks 8

IceFire Ransomware Returns | Now Targeting Linux Enterprise Networks

Alex Delamotte / March 9, 2023

New Linux version of the IceFire ransomware have been observed in recent network intrusions of media and entertainment enterprises.

1 2 3 … 7

Next

Search

Search ...

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

Recent Posts

AkiraBot | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale
April 9, 2025
LABScon24 Replay | A Walking Red Flag (With Yellow Stars)
March 31, 2025
LABScon24 Replay | Kryptina RaaS: From Unsellable Cast-off to Enterprise Ransomware
March 26, 2025

Labs Categories

Crimeware
Security Research
Advanced Persistent Threat
Adversary
LABScon
Security & Intelligence

SentinelLabs

In the era of interconnectivity, when markets, geographies, and jurisdictions merge in the melting pot of the digital domain, the perils of the threat ecosystem become unparalleled. Crimeware families achieve an unparalleled level of technical sophistication, APT groups are competing in fully-fledged cyber warfare, while once decentralized and scattered threat actors are forming adamant alliances of operating as elite corporate espionage teams.

Recent Posts

LABScon24 Replay | A Walking Red Flag (With Yellow Stars)
March 31, 2025
LABScon24 Replay | Kryptina RaaS: From Unsellable Cast-off to Enterprise Ransomware
March 26, 2025
LABScon24 Replay | Resilience and Protection in the Windows Ecosystem
March 12, 2025

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

Twitter
LinkedIn

©2025 SentinelOne, All Rights Reserved.