“There is no … pretense by ComplexCodes with WeSteal. Then there is the website, ‘WeSupply,’ owned by a co-conspirator, proudly stating ‘WeSupply – You profit,’” a Palo Alto Networks team says about the new tool they found being peddled on the underground.

In a post on Thursday, the researchers picked apart the WeSteal cryptocurrency wallet-pickpocketing tool and a related remote-access trojan (RAT) called WeControl, saying that it’s “shameless” the way the developers aren’t even trying to hide the tools’ true intent.

“WeSteal is a shameless piece of commodity malware with a single, illicit function,” they say. “Its simplicity is matched by a likely simple effectiveness in the theft of cryptocurrency. The low-sophistication actors who purchase and deploy this malware are thieves, no less so than street pickpockets. Their crimes are as real as their victims.”

WeSteal, Nee WeSupply, Nee Etc.

What’s new about this cryptocurrency ripper-offer? From what researchers can determine, mostly, the name. A threat actor named ComplexCodes began advertising WeSteal on the underground in mid-February, but before that, they started selling a WeSupply Crypto Stealer in May 2020. Code samples point to WeSteal having evolved from that earlier tool.

The tool’s author also previously churned out the Zodiac Crypto Stealer, as well as malware called Spartan Crypter that’s used to throw antivirus detection off the trail. Also, the Palo Alto Networks analysts found evidence linking ComplexCodes to a site that sells stolen accounts for services such as Netflix, Disney+, Pornhub, Spotify, Hulu and more.

Neither did this malware developer mince words about a distributed denial-of-service (DDoS) tool they offered: fittingly enough, it was dubbed Site Killah: a tool that carried promises of having Unbeatable Prices, Fast Attacks and Amazing Support.

In case there were any doubters left in the room, WeSupply’s forum posts also promote support for zero-day exploits and “Antivirus Bypassing”. WeSteal also provides a “Victim tracker panel” that tracks Infections, “Leaving no doubt about the context,” the researchers say.

With These Low, Low Prices, We Must Be Crazy

For all that badness, ComplexCodes charges a mere $24 per month, $60 for three months and $125 for one year.

We don’t necessarily have to worry about ComplexCodes making rent, though.