TRU Security

For more than a year, Acronis Cyber Protect Cloud with Advanced Security has achieved a perfect score in every AV-Test regular certification under macOS. The solution's real-time protection mechanisms, coupled with advanced threat detection algorithms, earned it a perfect score in December’s evaluation, where it detected 100% of 1,298 samples of widespread and prevalent malware chosen by AV-Test.

CustomerLoader was first spotted in June 2023, delivering different payloads to its targets. It is a .NET loader, so named from the ‘custom’ string in its C&C communication. In this campaign, it used a .LNK file to bring the DuckTail infostealer to victims' machines. DuckTail is a Vietnamese threat group that became active in May 2023. Using phishing job listings on LinkedIn, DuckTail delivers malicious files to victims.

With cyberthreats becoming more sophisticated, Acronis Cyber Protect Cloud stands out as a robust solution that not only safeguards your data and systems but also revolutionizes incident management through the integration of cutting-edge artificial intelligence (AI) technology. And, as you may know, Acronis recently released Cyber Protect Cloud Advanced Security + EDR, to extend the core product's functionality.

The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis analysts and sensors. Figures presented here were gathered in November of this year and reflect threats that we detected as well as news stories from the public domain. This report represents a global outlook and is based on more than one million unique endpoints distributed around the world.

DarkGate was first spotted in 2018. New attacks have used Skype messages with malicious VBA attachments. The main purpose of this script is to download and execute the AutoIt script, which has been observed in DarkGate campaigns since 2020. A user with the name ‘RastaFarEye’ advertised his malware on underground Russian language forums, and it now has numerous capabilities.

This article is the first in the ransomware diaries series. We will provide an in-depth look at some active ransomware families, such as Mallox or encryptors from the Epsilon Gang, revealing the unique picture they occasionally paint, along with commonalities they maintain along the way. Every family will represent a different piece of the current ransomware landscape to showcase how diversified it has become over the years.

The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis analysts and sensors. Figures presented here were gathered in October of this year and reflect threats that we detected as well as news stories from the public domain. This report represents a global outlook and is based on more than one million unique endpoints distributed around the world.