In Q3 2022, the situation on the DDoS market stabilized, and sophisticated attacks on HTTP(S) began to hold sway over simple TCP attacks.

Reports

Roaming Mantis (a.k.a Shaoye) is a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected Android devices and steal data. In 2022, we observed a DNS changer function implemented in its Android malware Wroba.o.

We continue to track the BlueNoroff group’s activities and this October we observed the adoption of new malware strains in its arsenal.

In this report, we compare the ROADSWEEP ransomware and ZEROCLEARE wiper versions used in two waves of attacks against Albanian government organizations.

While hunting for less common Deathstalker intrusions, we identified a new Janicab variant used in targeting legal entities in the Middle East throughout 2020.

DDoS reports

DDoS attacks in Q3 2022

DDoS attacks in Q2 2022

DDoS attacks in Q1 2022

DDoS attacks in Q4 2021

DDoS attacks in Q3 2021

DDoS attacks in Q2 2021

DDoS attacks in Q1 2021

DDoS attacks in Q4 2020

DDoS attacks in Q3 2020

DDoS attacks in Q2 2020

DDoS attacks in Q1 2020

DDoS attacks in Q4 2019

DDoS attacks in Q3 2019

DDoS attacks in Q2 2019

DDoS attacks in Q1 2019

Congratulations, you’ve won! The reality behind online lotteries

Keyloggers: How they work and how to detect them (Part 1)

Scammers’ delivery service: exclusively dangerous

Subscribe

Reports

Roaming Mantis implements new DNS changer in its malicious mobile app in 2022

BlueNoroff introduces new methods bypassing MoTW

Ransomware and wiper signed with stolen certificates

DeathStalker targets legal entities with new Janicab variant

Subscribe to our weekly e-mails