Key findings: By analysing the networks that most hit our honeypots, we found two autonomous systems, named Skynet Network Ltd (AS214295) and Inside Network LTD (AS215476), that we assess with a high level of confidence to be operated by the bulletproof hosting provider...
Key findings: Pivots on infrastructure associated with a Python backdoor used by RansomHub, as exposed by GuidePoint Security. These pivots enabled us to discover infrastructure close to this one, related to the offensive tool Eye Pyramid. Explanations on the open-source...
Key findings: This report presents: Russia-aligned intrusion sets UAC-0050 and UAC-0006 actively continue to launch financially motivated and espionage-motivated spam campaigns in both January and February 2025, against worldwide entities, but with a strong focus on Ukraine....
Key findings: This report presents: The intrusion set commonly known as Doppelgänger continues to spread disinformation narratives on social media such as X, through bot accounts specifically made for such campaigns. As in its previous campaigns, Doppelgänger pushes...
Main conclusion: Spoofers are primarily renters of infrastructure. They develop the tool and then set up paid "slots" for other users. They enjoy a dominant position, mainly thanks to the difference in...
Key findings: A phishing toolkit that we named “Premium panel”, due to the presence of the sentence “Live Control Panel Premium”. This toolkit comprises a panel composed of multiple .php pages and .js scripts that handle victim credential logging and redirection...