BleepingComputer reports that the Conti ransomware gang has already taken over the TrickBot malware operation.
AdvIntel researchers noted that while TrickBot had partnered with the Ryuk ransomware group to provide initial network access, only Conti was given the malware's high-quality network access supply last year, by which time TrickBot developers had already built the stealthier BazarBackdoor to better evade detection.
However, Conti effectively made TrickBot its subsidiary after hiring TrickBot's developers and managers by the end of 2021, which gave it control over the development of BazarBackdoor, now its primary initial access tool, according to researchers.
"After being “acquired” by Conti, [TrickBot leaders] are now rich in prospects with secure ground beneath them, and Conti will always find a way to make use of the available talent," said AdvIntel. Researchers also noted that despite the takeover, TrickBot will continue its operations against high-value targets.