TRU Security

Updates from Acronis Threat Research Unit

TRU Security
Cyberthreat analysis
Cyberthreat analysis
Most recent on cyberthreat analysis
23 July 2025  — 17 min read
Acronis
Threat actors go gaming: Electron-based stealers in disguise
The Acronis Threat Research Unit (TRU) uncovered a new malware campaign involving Leet Stealer, RMC...
08 July 2025  — 12 min read
SafePay ransomware: The fast-rising threat targeting MSPs
SafePay ransomware group has quietly and aggressively built momentum in Q1 2025, striking over 200...
18 June 2025  — 21 min read
Shadow Vector targets Colombian users via privilege escalation and court-themed SVG decoys
The Acronis Threat Research Unit (TRU) identified an ongoing malware campaign named Shadow Vector that...
04 June 2025  — 17 min read
From open source to open threat: Tracking Chaos RAT’s evolution
Chaos RAT is an open-source remote administration tool (RAT) first seen in 2022. It evolved in 2024,...
20 May 2025  — 22 min read
From banks to battalions: SideWinder’s attacks on South Asia’s public sector
Acronis Threat Research Unit (TRU) uncovered a new SideWinder APT campaign targeting high-level...
15 April 2025  — 17 min read
Astaroth unleashed
Astaroth, also known as Guildma, is a sophisticated piece of malware that first emerged in 2018 and...

Trends and analysis

13 February 2025  — 8 min read
Acronis
Advancements in delivery: Scripting with Nietzsche
We’ve recently come across a complex delivery chain utilizing multiple script languages designed to...
09 January 2025  — 12 min read
Acronis
SharpRhino: An old, new threat
SharpRhino is delivered as legitimate software and grants remote access to the victim's machine. Read...
08 January 2025  — 12 min read
Acronis
TMPN (Skuld) Stealer: The dark side of open source
Skuld, also known as TMPN Stealer, is an information-stealing malware written in Golang (Go) that...
16 October 2024  — 3 min read
Acronis
MSP cybersecurity news digest, October 10, 2024
More_eggs backdoor malware tricks recruiters into downloading fake resumés, Kansas water treatment...
30 September 2024  — 3 min read
Acronis
MSP cybersecurity news digest, September 30, 2024
MoneyGram confirms cyberattack that caused system outages and customer complaints, “Marko Polo” group...
26 September 2024  — 3 min read
Acronis
MSP cybersecurity news digest, September 26, 2024
RansomHub ransomware group hits Kawasaki Motors Europe with cyberattack, Mustang Panda espionage group...