Threats Tagged 'jfrutas'
View all threats tagged with 'jfrutas'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'jfrutas'
Click on any threat for detailed analysis and mitigation recommendations
New ransomware targets Turkey via Adwind RAT 0 A threat cluster has been identified leveraging a customized Adwind (Java RAT) variant with polymorphic characteristics to deliver JanaWare ransomware. The campaign specifically targets Turkish users through geofencing mechanisms that check system locale and external IP geolocation. Active since at least 2020, the operation primarily affects home users and small to medium-sized businesses. Initial access occurs via phishing emails with malicious Java archives distributed through Google Drive links. The ransomware employs AES encryption and communicates over Tor networks, demanding modest ransoms between $200-$400. The malware uses multiple obfuscation techniques including Stringer and Allatori obfuscators, implements file pumping for polymorphism, and disables Windows security features before encryption. Victims are instructed to contact attackers through qTox or dedicated Tor onion sites. Join the discussion | AlienVault OTX General | 04/15/2026, 15:04:44 UTC Added: 04/15/2026, 16:01:51 UTC |
Showing 1 to 1 of 1 result