CyberVolk, a ransomware-as-a-service provider with pro-Russian links, has emerged as a major new hacktivist group, blending political and financial cybercrime. Described by SentinelLabs, the group, formerly known as GLORIAMIST and Solntsevskaya, conducts financially motivated attacks citing geopolitical motives as justification. It also uses code from other hacktivist groups and has shifted from DDoS attacks to ransomware. CyberVolk’s operations, rivalry with other groups, and reuse of leaked ransomware code contribute to the growing complexity of ransomware landscape.
Fake PDFCandy Websites Spread Malware via Google Ads
CloudSEK has discovered a recent malware campaign where hackers are impersonating PDFCandy.com to spread ArechClient2 malware. The malware steals sensitive user information like usernames and
