Microsoft has warned all users about CACTUS ransomware attacks arising from a malvertising scheme. The main purpose of the campaign was to install Danabot as an initial point of access.
According to the Threat Intelligence team, Danabot infections led to hands-on-keyboard activity. Storm-1044 identified Danabot as a multi-functional tool that acts as a stealer and as a point of entry for next-stage payloads.
In February 2021, UNC2198 infected endpoints with IcedID in order to deploy ransomware families, namely Maze and Egregor. Qakbot infections provided threat actors with initial access. A coordinated law enforcement operation in August 2023 prompted a change to Danabot.
According to Redmond, the latest Danabot campaign, first observed in November 2023, used a private version of the info-stealing malware rather than the malware-as-a-service offering.
Other CACTUS ransomware attacks are exploiting vulnerabilities in the data analytics program Qlik Sense to gain access to corporate networks. Separately, Turtle, a new macOS ransomware written in the Go programming language, has emerged.