Uptime Hamster: 15d 9h 7mDeploy: 13 Jul 2026 08:04Updated: 2026-07-14
IntelTracker

Threat Intelligence Monitor

Victimas, actores, TTPs, CVEs, IOCs y referencias verificadas en una interfaz CTI indexable con filtros operativos.

10,941Incidentes
11Filtrados
1,124Actores
0IOCs visibles
Limpiar
Mapa
1
Paises afectados
Alertas
5,931
Amenazas recientes
Brechas
7,202
Filtraciones y victimas
Hackeos
8,892
Incidentes investigables

Actividad filtrada

TTPs principales

T15662

Actores

GroupIB_TI11

Paises

United States4

Acciones rapidas

Mapa globalGraficosBrechasPanel clasico

Mapa de actividad

Abrir mapa completo →
United States4 incidentes

Filtros directos

RansomwareBrechasCVEsPhishingIntelTracker
11 resultados · pagina 1/1Exportar CSV
Group-IB Threat Intelligence: The Y2K Operators threat actor is using sophisticated #socialengineering lures, disguising payloads as legitimate software, cracked applications, gaming cheat tools (e.g., Roblox), and used PDF decoy documents.2026-06-25
GroupIB_TIcampaignUnknown
Group-IB Threat Intelligence feed featuring APT research, ransomware analysis and cybercrime investigations.
Group-IB Threat Intelligence: Group-IB telemetry has identified over 62,000 compromised endpoints across more than 160 countries infected with #MilleniumRAT (4.x). The infection velocity is alarming, with over 39,000 of these detections occurring in Q1 2026 alone, representing 64% of all infections. This demonstrates a rapidly accelerating global campaign.2026-06-25
GroupIB_TIcampaignUnknown
Group-IB Threat Intelligence feed featuring APT research, ransomware analysis and cybercrime investigations.
Group-IB Threat Intelligence: Pinned: #MilleniumRAT (v4.x) marks a significant evolution in the threat landscape. The #malware has been completely rewritten from .NET to a native C++ application, removing .NET dependencies. This architectural shift enables greater stealth and resilience, making detection more challenging. The #Telegram Bot API remains the core C2 mechanism.2026-06-25
GroupIB_TImalwareUnknown
Group-IB Threat Intelligence feed featuring APT research, ransomware analysis and cybercrime investigations.
Group-IB Threat Intelligence: SilabRAT places significant emphasis on #cryptocurrency theft. Beyond harvesting credentials and browser data, it can identify wallet-related artifacts and automatically attempt password recovery using credentials collected from infected systems. These additions reflect the growing focus on direct monetization within modern #malware ecosystems.2026-06-10
GroupIB_TImalwareUnited States
Group-IB Threat Intelligence feed featuring APT research, ransomware analysis and cybercrime investigations.
Group-IB Threat Intelligence: One of SilabRAT's most notable capabilities is its use of Hidden Virtual Network Computing (HVNC). By interacting with services directly from the victim's device, attackers can perform account activity, access sensitive platforms, and conduct fraudulent operations while appearing as a legitimate user originating from the trusted device and IP address. #InfoSec2026-06-10
GroupIB_TIcampaignUnknown
Group-IB Threat Intelligence feed featuring APT research, ransomware analysis and cybercrime investigations.
Group-IB Threat Intelligence: As browser security evolves, attackers are moving beyond traditional cookie theft. #SilabRAT advertises browser profile cloning, allowing operators to replicate a victim's browser environment, including extensions, storage, and fingerprinting artifacts. This enables access to authenticated sessions that may otherwise resist conventional session hijacking techniques. #CyberThreats #ThreatIntelligence2026-06-10
GroupIB_TIcampaignUnknown
Group-IB Threat Intelligence feed featuring APT research, ransomware analysis and cybercrime investigations.
Group-IB Threat Intelligence: Validation of sample datasets from claims targeting Gulf banks showed that names and phone numbers were sourced from the 2021 Facebook leak while corresponding password hashes were taken from the October 2020 Eatigo breach, creating composite records that contain legitimate individual identifiers but do not represent actual customers of the targeted organizations.2026-05-20
GroupIB_TIbreachUnknown
Group-IB Threat Intelligence feed featuring APT research, ransomware analysis and cybercrime investigations.
Group-IB Threat Intelligence: These brokers, operating channels like #Aiqianjin and #YiqunData on Telegram, in addition to other individual brokers on dark web forums such as Exchange Market and Chang'An Sleepless Night, post between 500 to over 1,000 messages monthly across these platforms — a volume that would represent an unprecedented number of real breaches if true.2026-05-20
GroupIB_TIcampaignUnited States
Group-IB Threat Intelligence feed featuring APT research, ransomware analysis and cybercrime investigations.
Group-IB Threat Intelligence: Chinese-speaking data brokers are flooding #darkweb forums and #Telegram with advertisements for massive datasets, but Group-IB analysis shows these are largely compiled from prior breaches like the 2021 Facebook leak and the 2020 Eatigo incident.2026-05-20
GroupIB_TIcampaignUnknown
Group-IB Threat Intelligence feed featuring APT research, ransomware analysis and cybercrime investigations.
Group-IB Threat Intelligence: Victimology analysis shows overlapping global targeting across both campaigns. Reward Points phishing primarily targets #financial services and telecom users across #APAC, while Failed Parcel Delivery campaigns focus on logistics entities across Europe, APAC, and the US. Despite sector-specific lures, the geographic distribution and brand impersonation patterns indicate coordinated deployment within the same smishing infrastructure. #ThreatIntel2026-04-29
GroupIB_TIphishingUnited StatesT1566
Group-IB Threat Intelligence feed featuring APT research, ransomware analysis and cybercrime investigations.
Group-IB Threat Intelligence: Since January 2025, Group-IB has tracked over 2,500 #phishing domains tied to a single #PhaaS ecosystem known as the "Phoenix System" (不死鳥系統), which has targeted more than 70 organizations across financial services, telecom, and logistics.2026-04-29
GroupIB_TIphishingUnited StatesT1566
Group-IB Threat Intelligence feed featuring APT research, ransomware analysis and cybercrime investigations.