Showing posts with the label Malware

Google Ads Being Used To Distribute Malware Downloader "BATLOADER"

The cybercriminals behind the malware downloader BATLOADER have recently been found to be using Google Ads to distribute secondary payloads, such as Vidar Stealer and Ursnif. The attackers are using malicious ads to impersonate legitimate apps and services like Adobe, OpenAI's ChatGPT, Spotify, Tableau, and Zoom.

BATLOADER is a loader responsible for disseminating next-stage malware, including information stealers, banking malware, Cobalt Strike, and even ransomware. The malware is known for its software impersonation tactics: the operators set up fake websites hosting Windows installer files that masquerade as legitimate apps, and trick users into clicking rogue ads on the Google search results page that lead to those sites. Once launched, the MSI installer files execute Python scripts that contain the BATLOADER payload, which retrieves the next-stage malware from a remote server. This marks a slight shi

Logic Locker Ransomware Worm Targets Allen Bradley PLCs (Programmable Logic Controllers)

The Logic Locker ransomware worm mainly affects Allen Bradley PLCs (Programmable Logic Controllers).

In recent years, ransomware attacks have become increasingly prevalent, and the threat continues to grow. One particularly dangerous strain of ransomware is known as LogicLocker. This cross-vendor ransomware worm can cause serious damage to industrial control systems, specifically targeting programmable logic controllers (PLCs) like Allen Bradley's MicroLogix 1400. In this blog, we'll take a closer look at LogicLocker and explore what you can do to protect your systems from this threat.

What is LogicLocker?

LogicLocker is a type of ransomware that targets industrial control systems (ICS), including PLCs. It is a self-replicating worm that spreads through vulnerable networks and infects other devices. LogicLocker uses a variety of tactics to spread, including exploiting vulnerabilities in software and brute-force attacks against weak passwords. Once LogicLocker infects a sys