the actor pastes an image into their ransom note that shows a police badge from the aforementioned unit, a potential attempt to create a sense of legitimacy or perhaps intimidate victims into paying the ransom.”
Diicot, a Romanian threat actor, has been found to have previously undocumented payloads for launching distributed denial-of-service (DDoS) attacks, according to cybersecurity researchers. Notably, the group shares its name with the Romanian organized crime and anti-terrorism policing unit. Moreover, the group uses an image of the police badge in its ransom note, which could represent an attempt to create a sense of legitimacy and intimidate victims into paying the ransom. Cado Security, a cybersecurity firm, published these details in a technical report.
Cado Security discovered that Diicot’s payloads are triggered through phishing attacks that involve weaponized Word documents. Once the document is opened, Diicot gains access to the victim’s system and installs various tools for harvesting credentials. The researchers also found that the group has established command-and-control (C2) communication channels to facilitate the download and installation of additional malware on the compromised machine.
A distributed denial-of-service (DDoS) attack can have serious consequences, including taking down a website and rendering it inaccessible to users. It can also cause significant financial loss to the victim and harm their reputation. Therefore, it is essential to be vigilant and take proactive measures to prevent such attacks from happening.
Researchers have discovered that Romanian threat actor Diicot has previously undocumented payloads that can launch distributed denial-of-service (DDoS) attacks. The group shares the same name as the Romanian organized crime and anti-terrorism policing unit and uses an image of the police badge in its ransom notes. Diicot’s payloads are triggered through phishing attacks that involve weaponized Word documents, enabling the group to gain access to the victim’s system, install various tools for credential harvesting, and establish command-and-control (C2) communication channels. As a result, it is essential to be vigilant and take proactive measures to prevent DDoS attacks, which can cause significant financial loss and harm to a company’s reputation.
Original Article: https://thehackernews.com/2023/06/from-cryptojacking-to-ddos-attacks.html