Criminals deliver an arsenal of malware

Jamie Collins

CyberWise Pro
10/02/2020

Security researchers at Cybereason have discovered how attackers are abusing a vulnerability in the code management software Bitbucket, and the approach is completely different from the one attackers commonly take. In fact, the approach has the potential to cause more damage than any other cyber-attack that has been successful in the past.

When we hear of successful cyber-attacks we tend to be informed of only one type of attack. Whether it be a ransomware attack, DDoS attack or an extraction of sensitive data, attackers normally set out to achieve only one thing.

However, what differentiates this approach is how the criminals are attacking victims using an arsenal of payloads, hitting their networks from multiple angles.

Doing this provides a much better chance of a successful attack, while also providing the attackers with a wide range of data. A completely successful attack where all payloads are effective could be devastating for any person and disastrous for a business of any size.

The arsenal discovered by Cybereason includes malicious software such as:

  • STOP Ransomware – Software that encrypts data on a device and asks for a ransom in order for the victim to retrieve their data. The ransomware discovered in this arsenal is called STOP, which also has downloading capabilities to assist with infecting devices with additional malware.
  • Azorult – This malware steals data by aiming specifically for your internet browser's app data. That app data stores a lot of personal information such as login credentials, location, names, addresses, phone numbers and even banking information if you allow it to.
  • Predator – Not only can this malware steal confidential data, it also has the ability to take screenshots and use your webcam to take pictures.
  • IntelRapid – This malware is an information stealer, primarily used to steal cryptocurrency wallets.
  • Amadey bot – A simple trojan primarily used for collecting reconnaissance information on the victim's device.

So far this is the first arsenal of payloads that has been discovered. Criminals will continue this approach, adapting it by adding different types of payloads or newer versions to better increase their chances of a successful attack.

As businesses improve their security more and more, criminals need to come up with more creative and innovative ways to keep their billion-pound industry alive. This is certainly not the last approach by criminals that will be discovered. There will be more.

Secure your business event

Cyber Wise and Hallidays are hosting a free ‘Secure your business’ event on Thursday 5th March 2020 with an expert panel to protect you and your team from the latest threats. Book your place, complete the security survey and you will acquire seven extraordinary insights which will radically change your approach to business security.

How Cyber Wise can help

If you need any support with your business security, find out more about Cyber Wise or contact the Cyber Wise team - email cyberwise@hallidays.co.uk or call 0161 476 8273.
