News & Press: Respond to Cyber Threats | Intel 471 Skip to content
Company

News & Press Releases

Hero background fallback
Qilin Ransomware Adds "Call Lawyer" Feature to Pressure Victims for Larger Ransoms
Jun 20, 2025

Qilin Ransomware Adds "Call Lawyer" Feature to Pressure Victims for Larger Ransoms

The threat actors behind the Qilin ransomware-as-a-service (RaaS) scheme are now offering legal counsel for affiliates to put more pressure on victims to pay up, as the cybercrime group intensifies its activity and tries to fill the void left by its rivals.

Andrei Tarasov: Escape Artist, Nihilist, Dangerous Russian Cybercriminal
Jun 16, 2025

Andrei Tarasov: Escape Artist, Nihilist, Dangerous Russian Cybercriminal

Security Week’s Kevin Townsend writes that a recent Intel 471 report explores the career of Andrei Tarasov, a cybercriminal deeply involved in exploit kit and ransomware operations.

Researchers warn of privilege escalation attacks on Android devices
Jun 13, 2025

Researchers warn of privilege escalation attacks on Android devices

Research published by Intel 471 found a surge in Android malware that involves hidden virtual network computing, keylogging, and remote control functionalities.

The Mystery Behind Notorious Russian Hacker DukeEugene
Jun 12, 2025

The Mystery Behind Notorious Russian Hacker DukeEugene

The hacker, known as DukeEugene, who the experts said sold expensive Android hacking services to other criminals, told everyone exactly where he was going: the frontlines of the invasion of Ukraine.

DragonForce Ransomware Group – The Rise of a Relentless Cyber Threat in 2025
Jun 12, 2025

DragonForce Ransomware Group – The Rise of a Relentless Cyber Threat in 2025

The cybersecurity landscape has witnessed the emergence of increasingly sophisticated ransomware operations, with DragonForce standing out as a particularly concerning threat actor that has evolved from politically motivated attacks to large-scale financial extortion campaigns.

Three things to learn to stay afloat in today’s digital world
Jun 11, 2025

Three things to learn to stay afloat in today’s digital world

AI is seeping into our everyday lives through the smallest of holes. Do you feel like a dinosaur if you are not using AI? It seems that many employees are being pressured into vibe’ing at work by using some large language model (LLM).

Here’s why ignoring politics is no longer an option for cyber pros
Jun 10, 2025

Here’s why ignoring politics is no longer an option for cyber pros

Ashley Jess, an Intel 471 senior intelligence analyst, was quoted in this Cybernews article on intersection of cyber and politics.

Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks
Jun 09, 2025

Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks

Intel 471, in a report last week, highlighted an increase in Android malware incorporating hidden virtual network computing (HVNC), keylogging, and remote control functionalities, and a decrease in web injects.

How emerging ransomware trends can help inform payment decisions
Jun 05, 2025

How emerging ransomware trends can help inform payment decisions

Thanks to intensified activity on the part of law enforcement agencies worldwide – resulting in the shutdown of highly profitable and destructive ransomware-as-a-service (RaaS) groups such as LockBit – we’ve seen some encouraging signs within the ongoing fight against ransomware threats.

Threat Actors Exploit Malware Loaders to Circumvent Android 13+ Accessibility Safeguards
Jun 04, 2025

Threat Actors Exploit Malware Loaders to Circumvent Android 13+ Accessibility Safeguards

Threat actors have successfully adapted to Google’s stringent accessibility restrictions introduced in Android 13 and later versions. According to Intel 471's Report, this loader enables attackers to sidestep Google’s restrictions, ensuring that malware can exploit accessibility features to harvest sensitive data and execute unauthorized actions.

Featured Resource
Intel 471 Logo 2024

AresLoader is a new loader malware-as-a-service (MaaS) offered by threat actors with links to Russian hacktivism that was spotted recently in the wild.