EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing - Related to how, medusa, ai, ransomware, victims

How New AI Agents Will Transform Credential Stuffing Attacks

Credential stuffing attacks had a huge impact in 2024, fueled by a vicious circle of infostealer infections and data breaches. But things could be about to get worse still with Computer-Using Agents, a new kind of AI agent that enables low-cost, low-effort automation of common web tasks — including those frequently performed by attackers.

Stolen credentials: The cyber criminal's weapon of choice in 2024.

Stolen credentials were the #1 attacker action in 2023/24, and the breach vector for 80% of web app attacks. Not surprising when you consider the fact that billions of leaked credentials are in circulation online, and attackers can pick up the latest drop for as little as $10 on criminal forums.

The criminal marketplace for stolen credentials is benefitting from the publicity of high-profile breaches in 2024 such as the attacks on Snowflake customers using credentials found in data breach dumps and compromised credential feeds from infostealer and mass phishing campaigns, resulting in the compromise of 165 customer tenants and hundreds of millions of breached records.

But despite 2024 being an unprecedented year in terms of the impact of identity-based attacks, there's still a lot of unfulfilled potential for attackers to realize.

Credential attack automation — what's changed with the shift to SaaS?

Brute forcing and credential stuffing are nothing new, and have been a key component of the cyber attacker toolkit for decades. But it's not quite as easy to automatically spray credentials across systems as it once was.

Rather than a single centralized network with apps and data contained within an infrastructure perimeter, business IT is now formed of hundreds of web-based apps and platforms, creating thousands of identities per organization.

This means that identities too are now decentralized and distributed all over the internet, as opposed to being stored solely in identity systems like Active Directory, and implemented using common protocols and mechanisms.

While HTTP(S) is standard, modern web apps are complex and highly customized, with a graphically-driven interface that is different every time. And to make matters worse, modern web apps are specifically designed to prevent malicious automation through bot protections like CAPTCHA.

So rather than encountering standard protocols and being able to write a single set of tools to use across any organization/environment [website] write a DNS scanner once, use a single port scanner like Nmap for the entire internet, write a single script per service ([website] FTP, SSH, Telnet, etc.) for your password sprayer — custom tool development is instead required for every app that you want to target.

Not only are there more environments for attackers to include in the scope of their attack, but there are more credentials to work with.

This sounds scary, but it's tricky for attackers to harness this data. The vast majority of these credentials are old and invalid. A recent review of TI data by Push Security researchers found that fewer than 1% of stolen credentials included in threat intelligence feeds from a multi-vendor data set was actionable — in other words, 99% of compromised credentials were false positives.

But not all of them are useless — as the Snowflake attacks demonstrated, which successfully leveraged credentials dating back to 2020. So there are clearly treasures waiting to be discovered by attackers.

The distributed nature of apps and identities, and the low reliability of compromised credential data, means attackers are forced to prioritize — despite a target-rich environment of hundreds of business apps, creating thousands of sprawled identities per organization, because:

Writing and running custom python scripts for every single app (there are more than 40k SaaS apps on the internet) is not realistic. Even if you did the top 100 or 1000 that would be a significant task and require constant maintenance, while barely scratching the surface of the total opportunity.

Even when fully scripted and using a botnet to distribute the attack and avoid IP blocking, controls like rate limiting, CAPTCHA, and account lockouts can obstruct mass credential stuffing against a single app. And a concentrated attack on a single site is going to generate significant levels of traffic if you want to get through 15 billion passwords in a reasonable timeframe, so it's very likely to raise the alarm.

So attackers tend to target a smaller number of apps, and only look for a direct match in terms of the credentials attempted ([website] the stolen credential must directly belong to an account on the target app). When they do go after something new, it tends to be concentrated on a specific app/platform ([website] Snowflake) or looking for a narrower subset of credentials ([website] credentials clearly associated with edge devices, for more traditional network environments).

As we've established, the situation regarding credential stuffing attacks is already pretty bad despite these limitations. But things could be significantly worse.

Password reuse means a single compromised account could turn into many.

If attackers were able to increase the scale of their attacks to target a broader number of apps (rather than concentrating on a shortlist of high value apps) they could take advantage of all-too-common password reuse. , on average:

9% of identities have a reused password AND no MFA.

10% of IdP accounts (used for SSO) have a non-unique password.

What does this mean? If a stolen credential is valid, there's a good chance that it can be used to access more than one account, on more than one app (at least).

Picture the scenario: A recent compromised credential leak from infostealer infections or credential phishing campaigns presents that a particular username and password combination is valid on a specific app — let's say Microsoft 365. Now, this account is pretty locked down — not only does it have MFA, but there are conditional access policies in place restricting the IP/location it can be accessed from.

Usually, this is where the attack would end, and you'd turn your attention to something else. But what if you were able to spray these credentials across every other business app that the user has an account on?

Scaling credential attacks with Computer-Using Agents.

Until now, the impact of AI on identity attacks has been limited to the use of LLMs for the creation of phishing emails, in AI-assisted malware development, and for social media bots — no doubt significant, but not exactly transformative, and requiring constant human oversight and input.

But with the launch of OpenAI Operator, a new kind of "Computer-Using Agent", this could be about to change.

Operator is trained on a specialist dataset and implemented in its own sandboxed browser, meaning it is able to perform common web tasks like a human — seeing and interacting with pages as a human would.

Unlike other automated solutions, Operator requires no custom implementation or coding to be able to interact with new sites, making it a much more scalable option for attackers looking to target a broad sweep of sites/apps.

Demo: Using Operator to conduct credential stuffing attacks at-scale.

Researchers at Push Security put the malicious use-cases of Operator to the test, using it to:

Identify which companies have an existing tenant on a list of apps.

Attempt to login to various app tenants with a provided username and password.

The results were pretty eye-opening. The operator clearly demonstrated the ability to target a list of apps with compromised credentials and perform in-app actions. Now think about this x10, x100, x10,000 … These are not complex tasks. But the value of CUAs Operator is not in tackling complexity, but scale. Imagine a world where you can orchestrate Operator windows via API and get it to execute these actions simultaneously (functionality that exists already for ChatGPT).

But this is bigger than Operator — it's about the direction of the technology. OpenAI may implement restrictions — more effective in-app guardrails, rate limits on the number of concurrent tasks and total usage, etc. But you can guarantee it won't be the only CUA — it's only a matter of time before similar products emerge (maybe even inherently malicious ones) making use of the same technology.

It's still early days for CUA tech, but there's a clear indication that an already severe security challenge could be made worse with this particular form of AI-driven automation. While the ability to target a broad set of apps has been previously beyond the scope of traditional automation, it's about to become much more accessible to even low-skilled attackers (think: next gen script kiddies?).

Another way to think about it is that it effectively gives a human attacker a fleet of low-level interns who don't quite know what they're doing, but can be instructed to perform specific, itemised tasks at scale with only the occasional check in — while you work on other, more complex tasks. So, a bit like a red team manager of AI bots.

Operator means that attackers can leverage compromised credentials at-scale, take advantage of the vast numbers of vulnerable and misconfigured identities, and convert them into systemic breaches much more easily. In a way, it could make credential stuffing a bit more like it was before the shift to cloud apps — where you could spray thousands of credentials across your targets without needing custom development every time.

Thankfully, no new anti-AI capabilities are required — but it's more significant than ever that organizations look to defend their identity attack surface and find and fix identity vulnerabilities before attackers can take advantage of them.

If you want to learn more about identity attacks and how to stop them, check out Push Security — you can book a demo or try out their browser-based platform for free.

And if you want to see them demo more malicious use cases of Operator, check out this on-demand webinar.

Betrüger setzen auf eine Paypal-Funktion namens.

New research has uncovered further links between the Black Basta and Cactus ransomware gangs, with members of both groups utilizing the same social en......

TrapC ist eine neue, auf Cybersicherheit spezialisierte Variante der Programmiersprache C. Sie zielt darauf ab, die in C und C++ gängigen Speicherprob......

Medusa Ransomware Hits 40+ Victims in 2025, Demands $100K–$15M Ransom

The threat actors behind the Medusa ransomware have claimed nearly 400 victims since it first emerged in January 2023, with the financially motivated attacks witnessing a 42% increase between 2023 and 2024.

In the first two months of 2025 alone, the group has claimed over 40 attacks, . The cybersecurity firm is tracking the cluster under the name Spearwing.

"Like the majority of ransomware operators, Spearwing and its affiliates carry out double extortion attacks, stealing victims' data before encrypting networks in order to increase the pressure on victims to pay a ransom," Symantec noted.

"If victims refuse to pay, the group threatens to publish the stolen data on their data leaks site."

While other ransomware-as-a-service (RaaS) players like RansomHub (aka Greenbottle and Cyclops), Play (aka Balloonfly), and Qilin (aka Agenda, Stinkbug, and Water Galura) have benefited from the disruptions of LockBit and BlackCat, the spike in Medusa infections raises the possibility that the threat actor could also be rushing in to fill the gap left by the two prolific extortionists.

The development comes as the ransomware landscape continues to be in a state of flux, with a steady stream of new RaaS operations, such as Anubis, CipherLocker, Core, Dange, LCRYX, Loches, Vgod, and Xelera, emerging in the wild in recent months.

Medusa has a track record of demanding ransoms anywhere between $100,000 up to $15 million from healthcare providers and non-profits, as well as targeting financial and government organizations.

Attack chains mounted by the ransomware syndicate involve the exploitation of known security flaws in public-facing applications, mainly Microsoft Exchange Server, to obtain initial access. It's also suspected that the threat actors are likely using initial access brokers for breaching networks of interest.

Once gaining a successful foothold, the hackers drop use remote management and monitoring (RMM) software such as SimpleHelp, AnyDesk, or MeshAgent for persistent access, and employ the tried-and-tested Bring Your Own Vulnerable Driver (BYOVD) technique to terminate antivirus processes using KillAV. It's worth pointing out that KillAV has been previously put to use in BlackCat ransomware attacks.

"The use of the legitimate RMM software PDQ Deploy is another hallmark of Medusa ransomware attacks," Symantec noted. "It is typically used by the attackers to drop other tools and files and to move laterally across the victim network."

Some of the other tools deployed over the course of a Medusa ransomware attack include Navicat to access and run database queries, RoboCopy, and Rclone for data exfiltration.

"Like most targeted ransomware groups, Spearwing tends to attack large organizations across a range of sectors," Symantec mentioned. "Ransomware groups tend to be driven purely by profit, and not by any ideological or moral considerations."

Microsoft warns that Chinese cyber-espionage threat group 'Silk Typhoon' has shifted its tactics, now targeting remote management tools and cloud serv......

A new campaign is targeting companies in Taiwan with malware known as Winos [website] as part of phishing emails masquerading as the country's National Taxa......

YouTube warns that scammers are using an AI-generated video featuring the business's CEO in phishing attacks to steal creators' credentials.

EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing

The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working on a new product called EncryptRAT.

"EncryptHub has been observed targeting customers of popular applications, by distributing trojanized versions," Outpost24 KrakenLabs presented in a new investigation shared with The Hacker News. "Furthermore, the threat actor has also made use of third-party Pay-Per-Install (PPI) distribution services."

The cybersecurity corporation described the threat actor as a hacking group that makes operational security errors and as someone who incorporates exploits for popular security flaws into their attack campaigns.

EncryptHub, also tracked by Swiss cybersecurity corporation PRODAFT as LARVA-208, is assessed to have become active towards the end of June 2024, relying on a variety of approaches ranging from SMS phishing (smishing) to voice phishing (vishing) in an attempt to trick prospective targets into installing remote monitoring and management (RMM) software.

The corporation told The Hacker News that the spear-phishing group is affiliated with RansomHub and Blacksuit ransomware groups and has been using advanced social engineering tactics to compromise high-value targets across multiple industries.

"The actor usually creates a phishing site that targets the organization to obtain the victim's VPN credentials," PRODAFT stated. "The victim is then called and asked to enter the victim's details into the phishing site for technical issues, posing as an IT team or helpdesk. If the attack targeting the victim is not a call but a direct SMS text message, a fake Microsoft Teams link is used to convince the victim."

The phishing sites are hosted on bulletproof hosting providers like Yalishand. Once access is obtained, EncryptHub proceeds to run PowerShell scripts that lead to the deployment of stealer malware like Fickle, StealC, and Rhadamanthys. The end goal of the attacks in most instances is to deliver ransomware and demand a ransom.

One of the other common methods adopted by threat actors concerns the use of trojanized applications disguised as legitimate software for initial access. These include counterfeit versions of QQ Talk, QQ Installer, WeChat, DingTalk, VooV Meeting, Google Meet, Microsoft Visual Studio 2022, and Palo Alto Global Protect.

These booby-trapped applications, once installed, trigger a multi-stage process that acts as a delivery vehicle for next-stage payloads such as Kematian Stealer to facilitate cookie theft.

At least since January 2, 2025, a crucial component of EncryptHub's distribution chain has been the use of a third-party PPI service dubbed LabInstalls, which facilitates bulk malware installs for paying clients starting from $10 (100 loads) to $450 (10,000 loads).

"EncryptHub indeed confirmed being their client by leaving positive feedback in LabInstalls selling thread on the top-tier Russian-speaking underground forum XSS, even including a screenshot that evidences the use of the service," Outpost24 noted.

"The threat actor most likely hired this service to ease the burden of distribution and expand the number of targets that his malware could reach."

These changes underscore active tweaks to EncryptHub's kill chain, with the threat actor also developing new components like EncryptRAT, a command-and-control (C2) panel to manage active infections, issue remote commands, and access stolen data. There is some evidence to suggest that the adversary may be looking to commercialize the tool.

"EncryptHub continues to evolve its tactics, underlining the critical need for continuous monitoring and proactive defense measures," the business mentioned. "Organizations must remain vigilant and adopt multi-layered security strategies to mitigate the risks posed by such adversaries."

More than a year's worth of internal chat logs from a ransomware gang known as Black Basta have been ......

Cyber threats are growing more sophisticated, and traditional security approaches struggle to keep up. Organizations can no longer rely on periodic as......

Artificial intelligence (AI) and machine learning (ML) have entered the enterprise environment.