Threat Research

    In early July 2025, a new variant of the DarkCloud malware campaign was detected. This latest attack began with a phishing email containing a malicious RAR archive attachment. DarkCloud, first identified in 2022, is a stealthy Windows-based information stealer designed to harvest sensitive data such as login credentials, financial details, and contacts....
    Researchers recently identified changes in DarkCloud Stealer’s distribution and obfuscation techniques, first observed in April 2025. These methods include a new infection chain with ConfuserEx obfuscation and a final payload written in Visual Basic 6 (VB6). Previous attacks linked to DarkCloud Stealer also used AutoIt for evasion, detailed in our earlier report....
    In January 2025, researchers uncovered a series of attacks delivering DarkCloud Stealer, a sophisticated malware that uses AutoIt scripting to evade detection. The attack chain involved hosting the malware on a file-sharing server and deploying multi-stage, obfuscated payloads, making it difficult for traditional security tools to detect....