The Lumma Stealer, known for using the malware-as-a-service (MaaS) model, has figured in various campaigns targeting victims in countries like Argentina, Colombia, the U.S., the Philippines, and others since 2022.
The Earth Minotaur threat group recently revived the MOONSHINE exploit kit, first discovered in 2019. According to Trend Micro's in-depth analysis, MOONSHINE had more than 55 servers in 2024 and has been updated with more exploits and functions compared with its 2019 version.
Thousands of people working for organizations in the public, academia, and defense sectors are being targeted by spear-phishing attacks operated by a threat group called "Midnight Blizzard." The messages contained a Remote Desktop Protocol (RDP) configuration file connected to the malicious actor's server.
Our research team analyzed 24.4+ million domains registered between 1 October and 31 December 2024 from the Newly Registered Domains (NRD) Data Feed.
The WIRTE advanced persistent threat (APT) group has been active since at least August 2018. It has targeted government, diplomatic, financial, military, legal, and technology organizations in the Middle East and Europe.
Los Angeles, California, U.S., Jan 16, 2025 -- WhoisXML API is thrilled to announce the launch of First Watch Malicious Domains Data Feed. This innovative release delivers daily predictive threat intelligence, detecting malicious intent in domain registrations ahead of weaponization.
2025 is barely a few weeks old, but we've already heard reports of advanced phishing attacks leveraging generative artificial intelligence (AI). It's scary but not exactly surprising. Threat actors are expectedly using more sophisticated and modern attack techniques and will likely continue to rely on domain names as phishing vehicles.
Banking Trojans have been around for decades and still persist to this day because they effectively siphon off victims' financial data and savings. And one of the latest additions to the ever-growing malware type - ToxicPanda - has been plaguing bank customers throughout Asia and Latin America since October 2024.
As of 2024, more than 560 million people own cryptocurrencies worldwide, which could translate to more than half a million potential cyber attack victims. This widespread adoption may explain the emergence of threats like Hidden Risk, a malicious campaign that uses fake crypto news to distribute the RustBucket malware.
Anyone seeking to establish an online presence appears to have limitless options for reserving Internet domain names. But the question remains: which providers do registrants prefer?