216.73.217.22

How Cracks and Installers Bring Malware to Your Device

· Published 14/01/2025 15:22 · Modified 15/01/2025 19:48

Export JSON

Essential information

Published
14/01/2025 15:22
Modified
15/01/2025 19:48
Tags
2025-01-14 amadey c2 servers cyber threats domains hashes ioc lummastealer malware detection marsstealer penguish privateloader revil rugmi sodin sodinokibi urls vidar
Related entities
14 techniques (mitre), 10 malware

Description

Trend Micro research shows how attackers use platforms like YouTube to spread fake installers via trusted hosting services, employing encryption to evade detection and steal sensitive browser data.

Related entities

Vulnerabilities, IOCs, intrusion sets, MITRE techniques and other entities referenced in this report.

Techniques (MITRE) (14)

Malware (10)

  • MARSSTEALER
    Family
    Published 14/01/2025 15:22 · Modified 14/01/2025 15:22
  • Rugmi
    Family
    Published 04/04/2025 19:54 · Modified 04/04/2025 19:54
  • Sodinokibi
    Family
    Published 14/01/2025 15:22 · Modified 14/01/2025 15:22
  • Sodin
    Family
    Published 14/01/2025 15:22 · Modified 14/01/2025 15:22
  • REvil - S0496
    Family
    Published 14/01/2025 15:22 · Modified 14/01/2025 15:22
  • LummaStealer
    Family
    Published 19/05/2026 17:52 · Modified 19/05/2026 17:52
  • Penguish
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 Published 21/12/2025 07:17 · Modified 21/12/2025 13:21
  • Amadey - S1025
    Family
    Published 29/09/2025 08:06 · Modified 29/09/2025 08:06
  • Vidar
    Family
    Published 16/06/2026 09:50 · Modified 16/06/2026 09:50
  • PrivateLoader
    Family
    Published 14/01/2025 15:22 · Modified 14/01/2025 15:22

External references