#GuLoader
Acronis TRU analyses Makop ransomware’s updated toolkit, with attackers adding new components such as local privilege escalation exploits and GuLoader for secondary payloads. 55% of observed cases hit Indian organisations, with further victims in Brazil & Germany. www.acronis.com/en/tru/posts...
December 9, 2025 at 11:21 AM
#TZULO: Fav. Host of #UNC6040🇺🇸

Malicious events:-

📌LLM Hijacking
📌Fortigate VPN Bruteforce
📌ZynorRAT, AsyncRAT, RemcosRAT, AgentTesla, GuLoader, QakBot, RecordBreaker
📌#SAFEPAY #Ransomware 68.235.46[.]80

github.com/TheRavenFile...

#Salesloft #Salesforce #CyberSecurity #InfoSec #OSINT #Darkweb
September 15, 2025 at 6:37 AM
Warning Against Phishing Emails Distributing GuLoader Malware by Impersonating a Famous International Shipping Company asec.ahnlab.com/en/87002/
Warning Against Phishing Emails Distributing GuLoader Malware by Impersonating a Famous International Shipping Company - ASEC
AhnLab SEcurity intelligence Center (ASEC) recently identified the distribution of GuLoader malware via a phishing email by impersonating a famous international shipping company. The phishing email…
asec.ahnlab.com
May 10, 2025 at 8:54 AM
The newest Weekly Bulletin is live! Watch out for an uptick in employment scams, the latest of the GuLoader campaigns, and the latest advisories and news updates.

Read here: www.cyber.nj.gov/connect/week...
May 8, 2025 at 7:42 PM
Microsoft documents a series of tax-themed phishing attacks that exploit the IRS to install malware such as Latrodectus, BRc4 and Remcos

#AHKBot #BRc4 #cybercrime #guloader #IRS #Latrodectus #malware #PHISHING #RaccoonO365 #Remcos
www.matricedigitale.it/sicurezza-in...
April 4, 2025 at 11:21 AM
2025-03-24 (Monday): #GuLoader for #Remcos #RAT ( #RemcosRAT ) distributed through email - More info at github.com/malware-traf...
March 25, 2025 at 5:43 PM
We've just published the Q1 2025 #VBSpam report measuring the performance of email security solutions: we continued to see solid performance against spam, the few exceptions being non-English phishing emails and PureCrypter & Guloader malspam cases. www.virusbulletin.com/virusbulleti...
March 25, 2025 at 1:54 PM
2025-02-07 (Friday): Today's boring example of #malspam pushing #GuLoader for #AgentTesla style malware. EXE of this malware available at bazaar.abuse.ch/sample/833aa...
February 7, 2025 at 9:51 PM
For some reason, I keep mis-typing #GuLoader as GuiLoader
January 11, 2025 at 6:25 PM
The latest release for ACCE is available with updated support for #HijackLoader #GuLoader #VeilShell #CakeDropper and more. www.ciphertechsolutions.com/acce-release...
ACCE Release Notes v2.8.20241126 – Cipher Tech Solutions, Inc.
www.ciphertechsolutions.com
December 3, 2024 at 6:11 PM
#TA558 hackers are using steganography to hide and distribute #malware like Agent Tesla, FormBook, Remcos RAT, LokiBot, GuLoader, Snake Keylogger, and XWorm in love-themed documents to target different industries.
thehackernews.com/2024/04/ta55...
#hacking #cybersecurity
TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks
TA558 hackers are using steganography to hide and distribute malware like Agent Tesla, FormBook, Remcos RAT, LokiBot.
thehackernews.com
April 17, 2024 at 12:08 AM
Hackers Abuses SVG Image Files to Deliver GUloader Malware
Hackers are exploiting the versatility of SVG files to distribute the GUloader malware, which is a powerful cybercriminal tool.
cybersecuritynews.com
February 29, 2024 at 8:12 AM
#AgentTesla (dropped by #GuLoader .vbs file [1]) is using the PowerShell framework Pester [2] to enumerate the victim host and evade detections. It's also running the BitsTransfer PowerShell module in a loop to download further stages from Google Drive [3] (Viru.aaf .... subtle 😂).
agenttesla | 71b66878e07f7fd1f045ee86c04af2d1ea63717de005893b04741b0fb236bf92 | Triage
Check this agenttesla report malware sample 71b66878e07f7fd1f045ee86c04af2d1ea63717de005893b04741b0fb236bf92, with a score of 10 out of 10.
tria.ge
November 20, 2024 at 4:55 PM
🪱 #malware

GuLoader, aka CloudEyE, is a complex shellcode-based malware downloader (first discovered in 2019). Uses a variety of anti-analysis tactics to evade detection and deliver a wide range of payloads, including information stealers, typically, using phishing tactics.
December 12, 2023 at 2:37 PM
Researchers Unveal GuLoader Malware's Latest Anti-Analysis Techniques thehackernews.com/20... #cybersecurity #infosec #privacy
Researchers Unveal GuLoader Malware's Latest Anti-Analysis Techniques
Threat hunters have discovered new tactics used by the GuLoader malware to evade analysis.
thehackernews.com
December 10, 2023 at 11:29 PM
🔒💻 Experts unveil new evasion tactics of GuLoader #malware, a sophisticated shellcode-based downloader for dangerous payloads.
thehackernews.com/2023/12/rese...
#cybersecurity #hacking
Researchers Unveal GuLoader Malware's Latest Anti-Analysis Techniques
Threat hunters have discovered new tactics used by the GuLoader malware to evade analysis.
thehackernews.com
December 9, 2023 at 10:02 PM
Researchers Unveal GuLoader Malware's Latest Anti-Analysis Techniques
Threat hunters have discovered new tactics used by the GuLoader malware to evade analysis.
thehackernews.com
December 9, 2023 at 7:33 AM
Researchers Unveal GuLoader Malware's Latest Anti-Analysis Techniques

#thehackersnews
Researchers Unveal GuLoader Malware's Latest Anti-Analysis Techniques
Threat hunters have discovered new tactics used by the GuLoader malware to evade analysis.
thehackernews.com
December 9, 2023 at 7:30 AM
November 1, 2023 at 3:51 PM
Last Friday, we published a report on GuLoader targeting the energy sector in 🇫🇷 and elsewhere.

This report, initially drafted in July for our client, has been recently updated to include new victims we identified.

www.intrinsec.com/wp-content/u...
October 5, 2023 at 5:28 AM
Researchers Uncover the Bond Between the Infamous Remcos RAT and GuLoader
Threat actors adopting the use of two software GuLoader (also known as CloudEyE Protector) and Remcos (Remote administration tool) for malicious purposes
cybersecuritynews.com
September 20, 2023 at 3:03 PM
Three malicious programs - QBot, SocGholish and Raspberry Robin - are responsible for 80 % of the observed attacks on computers and networks this year. The other seven in the lineup lag far behind the leading trio: Gootloader at 3 % and Guloader, Chromeloader and Ursnif at 2 percent. (The Register)
These 3 loaders were behind 80% of intrusions this year
Top of the list to trip sensors
www.theregister.com
August 29, 2023 at 4:59 PM