Security Affairs

OCTOBER 21, 2021

The Macaw Locker ransomware encrypts victims’ files and append the .macaw macaw extension to the file name of the encrypted files. The Evil Corp cybercrime group (aka the Dridex gang Indrik Spider , the Dridex gang, and TA505 ) has been active in cybercrime activities since 2007.

Ransomware 115

Ransomware File names Encryption Government 115

Security Affairs

OCTOBER 18, 2022

Winnti (aka APT41 , Axiom, Barium , Blackfly) is a cyberespionage group that has been active since at least 2007. Symantec pointed out that the attacks against government organizations in Hong Kong remained undetected for a year in some cases. ” continues the report.

File names 108

File names Encryption Manufacturing Libraries 108

Security Affairs

SEPTEMBER 13, 2023

The APT41 group (aka Winnti , Axiom, Barium , Blackfly, HOODOO) is a China-linked cyberespionage group that has been active since at least 2007. UK, Australian, Canadian, and New Zealand governments issued a joint alert about China-linked threat actors targeting CNI organizations and using living off the land to evade detection.

File names 112

File names Access Encryption Communications 112