Old Cyber Gang Uses New Crypter

Current Issue | Archives

IT News and Events (Vendor News Edition) > Volume 300 > Issue 2 > Fortinet News >

Data Science Innovators Conference 2023 (April 12th-13th)

Old Cyber Gang Uses New Crypter - Scrubcrypt

<< Previous Next >>

Fortinet News, March 8th, 2023
March 8, 2023,
Volume 300, Issue 2

Old Cyber Gang Uses New Crypter - Scrubcrypt

Between January and February 2023, FortiGuard Labs observed a payload targeting an exploitable Oracle Weblogic Server in a specific URI.

This payload extracts ScrubCrypt, which obfuscates and encrypts applications and makes them able to dodge security programs. It already has an updated version, and the seller's webpage (Figure 1) guarantees that it can bypass Windows Defender and provide anti-debug and some bypass functions.

We analyzed the malware injected into a victim's system and, as part of our analysis, identified the threat actor as 8220 Gang using collected indicators. This mining group first appeared in 2017. The name '8220' comes from its original use of port 8220 for network communications.

Read More ...

Keywords:

Other articles in the Fortinet News section of Volume 300, Issue 2:

A Celebration Of Women In Cybersecurity On International Women's Day
Fortinet Enhances Its Single-Vendor Sase Solution With New Capabilities To Support Work-From-Anywhere
Go From Zero-Day Threats To Zero Threats With Inline Sandboxing
Here's How We Can Collectively Shrink The Cybersecurity Skills Gap
Highlights From The 2023 Work-From-Anywhere Global Study
Old Cyber Gang Uses New Crypter - Scrubcrypt (this article)

See all archived articles in the Fortinet News section.