Austin Larsen
@austinlarsen.me
Principal Threat Analyst - Google Threat Intelligence Group
This campaign deploys malware like STARKVEIL, XWORM & FROSTRIFT. Our report covers their TTPs including the use of Unicode Braille patterns to obfuscate executable file names and their continuous rotation of domains to evade detection.
cloud.google.com/blog/topics/...
cloud.google.com/blog/topics/...
Text-to-Malware: How Cybercriminals Weaponize Fake AI-Themed Websites | Google Cloud Blog
Cybercriminals are using fake AI-themed ads and websites to deliver malware such as infostealers and backdoors.
cloud.google.com
May 28, 2025 at 8:40 PM
This campaign deploys malware like STARKVEIL, XWORM & FROSTRIFT. Our report covers their TTPs including the use of Unicode Braille patterns to obfuscate executable file names and their continuous rotation of domains to evade detection.
cloud.google.com/blog/topics/...
cloud.google.com/blog/topics/...
Patch immediately, run the Ivanti external ICT checker, read our latest research for a detailed breakdown of the threat, and checkout Ivanti's advisory for the latest guidance:
forums.ivanti.com/s/article/Se...
forums.ivanti.com/s/article/Se...
Ivanti Community
forums.ivanti.com
January 9, 2025 at 12:42 AM
Patch immediately, run the Ivanti external ICT checker, read our latest research for a detailed breakdown of the threat, and checkout Ivanti's advisory for the latest guidance:
forums.ivanti.com/s/article/Se...
forums.ivanti.com/s/article/Se...