Threats Tagged 'targeted campaign'
View all threats tagged with 'targeted campaign'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'targeted campaign'
Click on any threat for detailed analysis and mitigation recommendations
Highly destructive Lotus Wiper used in a targeted attack 0 A highly targeted destructive wiper campaign dubbed 'Lotus Wiper' was discovered targeting the energy and utilities sector in Venezuela during late 2025 and early 2026. The attack begins with batch scripts coordinating execution across networks using domain shares as trigger mechanisms. These scripts disable security services, lock out users, and prepare the environment for the final payload. The Lotus Wiper systematically destroys data by wiping physical drives with zeros, deleting restore points, clearing USN journals, and recursively deleting files. Unlike ransomware, this wiper has no financial motivation or ransom demands, designed purely for data destruction. Evidence suggests attackers maintained long-term domain access prior to the attack, with the wiper compiled months before deployment. The malware targets older Windows systems and uses legitimate system tools like diskpart, robocopy, and fsutil. Join the discussion | AlienVault OTX General | 04/21/2026, 12:09:44 UTC Added: 04/21/2026, 15:16:05 UTC |
Copyright Lures Mask a Multi-Stage PureLog Stealer Attack on Key Industries 0 A sophisticated malware campaign delivering PureLog Stealer has been identified, targeting healthcare, government, hospitality, and education sectors in multiple countries. The attack uses localized copyright violation lures to trick victims into executing a multi-stage infection chain. The malware employs encrypted payloads, remote key retrieval, and fileless execution techniques to evade detection. It utilizes a Python-based loader and dual .NET loaders to run PureLog Stealer entirely in memory. The campaign incorporates AMSI bypass, registry persistence, screenshot capture, and victim fingerprinting for stealth and intelligence gathering. Evidence confirms communication with PureLog-associated infrastructure. MediumMalware Join the discussion United States United Kingdom Germany+7#copyright lure#fileless execution#targeted campaign | AlienVault OTX General | 03/20/2026, 08:13:38 UTC Added: 03/20/2026, 08:23:29 UTC |
Showing 1 to 2 of 2 results