Threat Research

    A financially motivated threat group tracked as Hive0163 has been observed using a likely AI-generated malware called Slopoly during ransomware attacks, marking an early example of AI-driven malware development in real-world operations....
    Interlock ransomware, active since late September 2024, targets businesses and infrastructure in North America and Europe with financially driven attacks. The FBI notes its use of encryptors for both Windows and Linux, often impacting virtual machines. Initial access methods include drive-by downloads from compromised sites and the ClickFix social engineering tactic....
    We’ve discovered a new, resilient variant of the Interlock ransomware group’s remote access trojan (RAT), now rewritten in PHP rather than JavaScript (previously known as NodeSnake). This version has been actively used in a widespread campaign linked to the LandUpdate808 (aka KongTuke) threat clusters since May 2025....