IBM X-Force has been monitoring the evolution of Russian threat actor Hive0051’s malware capabilities for the past 18 months, noting significant advances. Key improvements include a multi-channel approach to DNS fluxing, obfuscated multi-stage scripts, and fileless PowerShell versions of Gamma malware. Hive0051’s escalating activity, including an increase in active infections and unique malicious domains, signifies an elevation of resources and ongoing operations.
They’ve escaped a lot of media attention, but Anubis RaaS is a threat to the medical sector
Although many ransomware gangs no longer encrypt victims' data and instead focus on exfiltration and extortion, some groups continue to encrypt. Anubis RaaS is one of them.

