Report

Two Competing, Russian-Speaking Cybercrime Groups Attack Employees from 23 Companies in the Manufacturing, Software, Legal, Retail, and Healthcare Sectors Using Malicious Google Ads

eSentire’s security research team, the Threat Response Unit (TRU), has detected and shut down cyberattacks launched against 23 of its customers in the past year by two competing cybercriminal groups.

The attacking threat actors belong to the Russian-speaking Malware-as-a-Service (MaaS) groups, called BatLoader and FakeBat. The operators have created Google Ads and websites that mimic legitimate software sites to lure employees to download a very stealthy and capable malware loader.

Read this threat report for more information and to see how the BatLoader and FakeBat crime groups are giving low-level threat actors access to end-to-end attack campaigns that produce pools of corporate victims.

Get The Report