Conti's Source Code: Deep Dive
March 2, 2022

INTRODUCTION: On 25.02.2022 cybercrime group Conti published the following statement on their shame blog: The post was...

Ukraine: Analysis of the new disk-wiping malware (HermeticWiper)
February 24, 2022

Very recently a new type of destructive malware named by the security community “HermeticWiper” was used to attack organ...

2021 Ransomware Bulletin: Recent, Past and Near Future of Cyber Extortion
January 12, 2022

This past year, 2021, was characterized by an increase in ransomware incidents, not only in regard to occurrence but also...

Dharma/Crysis: Overview and Adversary Tracking
September 17, 2021

Dharma, a family of ransomware first spotted in 2016, is a malicious program that encrypts a victim’s files and takes as...

A RattleSnake in the Navy
September 10, 2021

Recent geopolitical events are leading to an increase in cyber operations in the Central Asian region. Among the actors ...

A not so Fancy game. Exploring the new “SkinnyBoy” Bear’s backdoor
June 3, 2021

This paper presents an analysis of a new and never publicly reported malware internally dubbed SkinnyBoy. Based on lo...

Welcome
February 15, 2021

This is the welcome post for the Cluster25 threat intelligence research blog. Through this space, the team will share analys...