Cert2Connect

Unfurling Hemlock Threat group uses cluster bomb campaigns

A threat actor dubbed Unfurling Hemlock has been observed distributing hundreds of thousands of malware samples in a campaign lasting several months. The malware is distributed using a cluster bomb technique where each sample contains multiple stages of nested executable files each containing additional malware payloads. The distributed malware includes stealers like Redline RisePro and Mystic Stealer as well as loaders like Amadey and SmokeLoader. The campaign appears financially motivated and targets victims globally with no specific industry focus. The actor is suspected to be Eastern European based on language artifacts and hosting infrastructure.
Overzicht

WILT U WETEN HOE DIT RISICO
UITGEBANNEN KAN WORDEN?

Wij helpen je graag. Indien gewenst geven we graag een presentatie of demo van onze oplossingsaanpak. Je vindt ons ook regelmatig op beurzen en events. Volg de evenementenpagina op deze site of meld je aan via de contactpagina voor onze nieuwsbrief.

Maak een afspraak