CyberSum logo
Back

Qilin Ransomware Leverages Bulletproof Hosting for Global Attacks

Cyber Security News by CyberSum.net
3 sources
A new report from Resecurity’s HUNTER unit reveals the extensive use of bulletproof hosting (BPH) providers by the Qilin ransomware-as-a-service (RaaS) group. The group's resilience and global reach are supported by an underground hosting ecosystem that evades law enforcement oversight. Qilin, known for its double extortion tactics, has targeted various sectors, including healthcare and critical infrastructure. The report highlights the group's aggressive expansion, particularly in the U.S. and Europe, and its deep integration with BPH conglomerates. Resecurity warns that BPH remains a critical enabler of modern cybercrime, shielding ransomware groups from law enforcement.

Also Read

PhantomVAI Loader: New Multi-Stage .NET Loader in Phishing Campaigns

PhantomVAI Loader, a newly renamed multi-stage .NET loader, is being used in widespread phishing campaigns to deliver various information-stealing malware. The loader, initially identified as Katz Stealer Loader, now supports multiple payloads through an evasive infection chain that includes obfuscated scripts, steganography, and virtual-machine detection. Organizations across multiple sectors have been targeted in this global campaign. The loader is available on underground marketplaces, allowing even low-skill actors to launch complex attacks. The infection chain involves phishing emails with themes of sales, payments, or legal actions, sometimes using homograph attacks to trick recipients. The emails contain ZIP archives with obfuscated JavaScript or VBS files that embed a Base64-encoded PowerShell script, which fetches a GIF file with a steganographically hidden DLL payload. The PhantomVAI Loader performs virtual-machine detection checks and establishes persistence through scheduled tasks or Run registry keys before downloading the final payload and injecting it into a legitimate executable.

By Cyber Security News by CyberSum.net