A new crypter and loader named ASMCrypt, which is an “evolved version” of the DoubleFinger malware, is being sold on the dark web. Leveraging TOR networks, it enables users to build and covertly deliver payloads obscured in encrypted .PNG files. This technology can be used by cybercriminals to gain network access for ransomware attacks and data theft. Increasingly, threat actors are collaborating, evidenced by partnerships between groups like GuLoader and Remcos RAT. An information-stealing malware, Lumma Stealer, has also been observed in recent activity.
Rampant ransomware attacks have hit the healthcare industry, with incidents increasing by more than 600%, costing an average of $10 million per breach. This has