Threat Context Monthly: Executive intelligence briefing for January 2024

Welcome to the Threat Context Monthly blog series, where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team.

Spotlight threat: X (Twitter) accounts hacked 

Over the past few weeks there has been an uptick in account compromises on the social media platform X (formerly Twitter), with the hijacked accounts used to promote cryptocurrency scams, phishing sites, and sites with crypto drainers. Some of the compromised accounts belong to government and business profiles and are marked with gold and grey checkmarks, which gives more credibility to the fraudulent content.

Mandiant describes a Drainer-as-a-Service (DaaS) whose operators provide the drainer scripts to affiliates in exchange for a percentage of the stolen funds. 

Some of the affected companies have revealed how these compromises occurred:  

Emerging threat update from KrakenLabs 

A cracked version of the Zeppelin ransomware builder was put up for sale on the RAMP underground forum for just $500. Outpost24 KrakenLabs analysts believe this could lead to a wide spread of new variants and new RaaS groups.

Malware update from KrakenLabs 

Threat actors behind Akira ransomware compromises are focusing on wiping the victim’s network-attached storage (NAS) devices, which are usually used for backups, as well as tape backup devices. This puts more pressure on the victim, as there is no option of restoring data without paying.

Learn more about Threat Compass 

Want more? Get started with Threat Compass to receive the latest actionable intelligence from our world-class in-house analyst team.  


About the Author

KrakenLabs Threat Intelligence Team, Outpost24

KrakenLabs is Outpost24’s Cyber Threat Intelligence team. Our team helps businesses stay ahead of malicious actors in the ever-evolving threat landscape, helping you keep your assets and brand reputation safe. With a comprehensive threat hunting infrastructure, our Threat Intelligence solution covers a broad range of threats on the market to help your business detect and deter external threats.