WithSecure researchers found overlapping tools and malware, such as DarkGate, Ducktail, Redline, and Lobshot, being used in cyberattacks, making it difficult to attribute operations to specific groups. Analysts consider it likely that one actor is behind multiple campaigns. The attackers use social engineering to trick digital marketing professionals into downloading malware disguised as job listings, and make no attempt to hide their operations. Among their tactics, fake job openings at Corsair in the UK and at Groww in India have been used.
![](https://healsecurity.com/wp-content/uploads/2024/07/group-ibs-threat-intelligence-and-defence-centre-equip-undergraduates-with-sophisticated.jpg)
Group-IB’s Threat Intelligence and Defence Centre Equip Undergraduates with Sophisticated Cybersecurity Technologies to Boost Threat Analysis and Enhance Cyber Resilience for Campus Start-ups
Hey there from the heart of the San Francisco Bay Area! It’s an absolute pleasure to have you back again for our chat on some