Unfortunately for everyone a new threat has appeared called Matanbuchus which is a Loader service (MaaS) created by the BelialDemon group. This is a cybercrime actor who references demonic themes in software and usernames. It has been discovered by cybersecurity experts at Palo Alto Networks Unit 42. The malicious code was announced in February 2021 at a starting rental price of $ 2,500 and was actually released through posts giving other criminals access.<\/p>\n\n\n\n
This new threat has unfortunately already affected several organizations in the US and the EU to this day including a large university and high school in the United States, as well as a high-tech organization in Belgium. In addition, Matanbuchus is capable of:<\/p>\n\n\n\n
\u25b8The ability to run an .exe or .dll file in memory<\/em><\/strong><\/p>\n\n\n\n \u25b8Ability to leverage schtasks.exe to add or modify task schedules<\/em><\/strong><\/p>\n\n\n\n \u25b8This threat can launch custom PowerShell commands<\/em><\/strong><\/p>\n\n\n\n \u25b8In addition, it takes advantage of a separate executable to load the DLL if the attacker has no way to do it<\/em><\/strong><\/p>\n\n\n\n This threat seems to be spreading through Phishing so awareness of this is important and thus not fall before these malicious deceptions. At the moment the best thing that one can apply against this threat is to have a good next generation Firewall not only against this threat but against the many others that we could find on the Internet.<\/p>\n\n\n\n Other reads: Unfortunately for everyone a new threat has appeared called Matanbuchus which is a Loader service (MaaS) created by the BelialDemon group. This is a cybercrime actor who references demonic themes in software and usernames. It has been discovered by cybersecurity experts at Palo Alto Networks Unit 42. The malicious code was announced in February 2021 […]<\/p>\n","protected":false},"author":1,"featured_media":3123,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[36],"class_list":["post-3122","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity"],"yoast_head":"\n
Avaddon, the ransomware that uses DDoS attacks<\/a>
Buer Malware Charger Emerges on the Web<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"