Threat Intelligence | Intel 471 Skip to content

Threat Intelligence

Hero background fallback
Zservers: Bulletproof hosting for online crime
Cybercriminals// Malicious Actors// Mar 11, 2025

Zservers: Bulletproof hosting for online crime

Russia-based bulletproof hosting service Zservers was exposed and hit with sanctions. But there are signs it may not have been permanently disrupted.

Android trojan TgToxic updates its capabilities
Security Operations// Feb 24, 2025

Android trojan TgToxic updates its capabilities

Intel 471 mobile malware researchers recently discovered a campaign leveraging an updated version of TgToxic, an Android banking trojan. Here's an in-depth look at this malware.

DeepSeek AI poses cybersecurity risks
Threat Intelligence// Feb 07, 2025

DeepSeek AI poses cybersecurity risks

China-based DeepSeek has upended notions about AI development and prompted security concerns. Here is a briefing on DeepSeek and how cybercriminals are viewing its development.

How threat actors are using artificial intelligence
Threat Intelligence// Jan 29, 2025

How threat actors are using artificial intelligence

Artificial intelligence is a red-hot mess, filled with contradicting predictions over whether it will bring vast benefits. In this Studio 471, Ashley Jess shares her insight into how AI will shape the threat landscape.

How ransomware may trend in 2025
Cybercriminals// Malicious Actors// Jan 21, 2025

How ransomware may trend in 2025

New variants and threat actor groups kept up the tempo of ransomware attacks in 2024. Here's a look at how this type of pervasive cybercrime may trend this year.

Collecting Useful CTI from Underground Markets
Threat Intelligence// Dec 17, 2024

Collecting Useful CTI from Underground Markets

Extracting cyber threat intelligence on emerging threats and novel threat actors is challenging. Michele Campobasso completed his doctoral thesis in 2024 at Eindhoven University of Technology, and in Studio 471, he shares ins...

‘Tis the Season to Be Alert for Cyber Threats: 5 Unjoyful Holiday Tactics
Threat Intelligence// Dec 17, 2024

‘Tis the Season to Be Alert for Cyber Threats: 5 Unjoyful Holiday Tactics

Amidst the holiday bustle, while many are busy decking the halls, cyber adversaries are busy trimming up the cyber underground for peak cybercrime season. It’s the time of the year that threat actors deploy phishing scams and...

Expanding source coverage: adding Signal chats to threat intelligence
Threat Intelligence// Dec 16, 2024

Expanding source coverage: adding Signal chats to threat intelligence

Cybercriminals need easy ways to communicate, connect, and plan, whether they’re trading stolen credentials, rallying hacktivists, or mounting a targeted attack. Instant messaging platforms meet this need and are now an essen...

Holiday Season Cyber Threats (Part 1): Phishing, Fake Shops and Bogus Bookings
Threat Intelligence// Dec 06, 2024

Holiday Season Cyber Threats (Part 1): Phishing, Fake Shops and Bogus Bookings

The holiday season is here. It’s a time for reuniting with family and friends, travel and gift-giving. It’s also a prime time for cybercrime as millions of consumers head to online checkouts on Black Friday, Cyber Monday, Giv...

A Halloween Story: 10 Cyber Ghouls We Eyeballed In Q3 2024
Threat Intelligence// Oct 29, 2024

A Halloween Story: 10 Cyber Ghouls We Eyeballed In Q3 2024

In the third quarter of 2024, ransomware remained one of the most impactful threats to all sectors. Defenders were faced with a record number of vulnerabilities as nation-state actors, money lusting cybercriminals, and hackti...

Featured Resource
Intel 471 Logo 2024

AresLoader is a new loader malware-as-a-service (MaaS) offered by threat actors with links to Russian hacktivism that was spotted recently in the wild.