  • Code red for the entire world: the TrueBot botnet's threat grows.

    Alarms are being raised by international cybersecurity organisations due to TrueBot's increased activity.

    US and Canadian authorities warned on July 6, 2023, about increased Truebot malware activity linked to new tactics, techniques, and procedures (TTPs).

    Hackers are using new Truebot malware variants to attack organisations in the USA and Canada, according to a joint bulletin from the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for Cyber Security (CCCS). Since May 31, experts have noticed an increase in financially motivated TrueBot activity.

    The well-known cybercriminal organisations Clop and Silence are known to use Truebot to steal information from victims. The Silence group, which specialised in extensive attacks on financial institutions, is credited with creating Truebot in 2017.

    According to the agencies, the attackers previously distributed the malware through malicious attachments in phishing emails. They have now switched to new tactics and have begun using variants that exploit a remote code execution (RCE) vulnerability in the Netwrix Auditor application (CVE-2022-31199, CVSS 9.8). By exploiting the bug, attackers can gain initial access to the compromised network and move through it.

    More than 13,000 companies in 100 nations use Netwrix Auditor to audit on-premises and cloud IT systems, including for security and compliance audits. Over 500 TrueBot botnet infections have been found as of December 2022, primarily in the US and Canada.

    The bulletin goes on to say that, after downloading the malicious file, Truebot renames itself and delivers FlawedGrace to the host. This remote access trojan (RAT) then makes changes to the registry and spooler programmes, enabling it to gain elevated privileges and establish persistence. The experts also brought up Truebot's association with Raspberry Robin and Cobalt Strike, two additional malware delivery methods.

    VMware cybersecurity researchers also observed the May spike in TrueBot activity. They noted that the primary purpose of TrueBot is to gather data from the host and launch next-stage payloads like Cobalt Strike, the FlawedGrace trojan, and the as-yet-unknown Teleport data exfiltration tool. Lateral movement and data collection are carried out, after which the Clop ransomware binary is launched. An examination of the Teleport tool revealed that it is used only for messages from Outlook and files from OneDrive and Downloads.

    To reduce the increased threat from Truebot, experts recommend applying patches for Netwrix Auditor, along with monitoring and controlling software execution.

    Author DeepWeb