News & Press: Respond to Cyber Threats | Intel 471 Skip to content
Company

News & Press Releases

Hero background fallback
Ransomware Attacks a Decade In: What Changed? What Didn’t?
Mar 09, 2025

Ransomware Attacks a Decade In: What Changed? What Didn’t?

2025 brings us close to an interesting milestone - ransomware attacks, in their current, enterprise-focused form, are almost a decade old. These attacks are so common today, it's impossible to report on all of them.

Black Basta’s Notorious Tactics and Techniques Exposed in Leaked Intel
Mar 06, 2025

Black Basta’s Notorious Tactics and Techniques Exposed in Leaked Intel

A significant leak of internal chat logs from the Black Basta ransomware group has provided cybersecurity researchers with unprecedented insight into their operations, capabilities, and motivations.

Risky Bulletin: nRootTag turns any Bluetooth device into an AirTag
Mar 05, 2025

Risky Bulletin: nRootTag turns any Bluetooth device into an AirTag

A team of academics has found a way to remotely turn any Bluetooth-capable device into an AirTag tracker. The technique is named nRootTag and abuses how Apple's FindMy network indexes AirTags and searches for tracked or lost devices.

TgToxic malware evolves with advanced anti-detection techniques
Mar 05, 2025

TgToxic malware evolves with advanced anti-detection techniques

Cybersecurity researchers have identified a new variant of the TgToxic Android malware, also known as ToxicPanda, which highlighted its evolving threat as attackers use public reporting to their advantage, according to The Hacker News.

AI still more of a buzzword than a real tool in cybercriminal underground
Mar 04, 2025

AI still more of a buzzword than a real tool in cybercriminal underground

In its annual threat report for 2024, Intel 471, a global provider of cyber threat intelligence solutions, rejoices that the cybercriminal underground has been substantially disrupted during “a year of law enforcement wins.”

Latin American Orgs Face 40% More Attacks Than Global Average
Mar 03, 2025

Latin American Orgs Face 40% More Attacks Than Global Average

Cyber threats are accelerating faster in Latin America than anywhere else in the world. The trend has been building for at least a year now, actually. Last summer, Check Point tracked a 53% year-over-year rise in weekly cyberattacks against organizations in the region, followed at a distance by Africa (37%) and Europe (35%).

Black Basta leader escapes from courtroom in Armenia while awaiting judge's decision
Mar 03, 2025

Black Basta leader escapes from courtroom in Armenia while awaiting judge's decision

Intel 471, a cyber threat intelligence company, connected more dots tying the persona of Basta Ransomware gang leader, known as GG (tramp, usernamegg), to Oleg Nefedov. Black Basta’s internal messages were recently leaked, revealing many intricacies about the ransomware gang's operations.

Lazarus Group hackers have laundered 100% of the $1.4 billion they stole from Bybit
Mar 03, 2025

Lazarus Group hackers have laundered 100% of the $1.4 billion they stole from Bybit

The hackers, part of North Korea's Lazarus Group, moved all 500,000 stolen Ether (ETH), now valued at approximately $1.04 billion, primarily through the decentralized cross-chain protocol THORChain, blockchain security firm Lookonchain reported.

New TgToxic Banking Trojan Variant Evolves with Anti-Analysis Upgrades
Feb 27, 2025

New TgToxic Banking Trojan Variant Evolves with Anti-Analysis Upgrades

Cybersecurity researchers have discovered an updated version of an Android malware called TgToxic (aka ToxicPanda), indicating that the threat actors behind it are continuously making changes in response to public reporting.

New TgToxic Banking Trojan Variant Evolves with Anti-Analysis Upgrades
Feb 27, 2025

New TgToxic Banking Trojan Variant Evolves with Anti-Analysis Upgrades

Cybersecurity researchers have discovered an updated version of an Android malware called TgToxic (aka ToxicPanda), indicating that the threat actors behind it are continuously making changes in response to public reporting.

Featured Resource
Intel 471 Logo 2024

AresLoader is a new loader malware-as-a-service (MaaS) offered by threat actors with links to Russian hacktivism that was spotted recently in the wild.