Researchers from KrakenLabs have exposed the operations chain of malware threat actor EncryptHub after the latter suffered security lapses. EncryptHub had compromised over 600 entities, using a multi-stage process involving trojanized applications and sophisticated scripts to extract sensitive victim data. KrakenLabs also found that EncryptHub uses a third-party “pay-per-install” broker to spread its malware and is developing a control interface, called EncryptRAT, to manage attacks more efficiently.
Developer guilty of using kill switch to sabotage employer’s systems
A software developer, Davis Lu, has been found guilty of sabotaging his former employer’s systems by installing custom malware and a “kill switch”. After being
