{"id":52313,"date":"2023-06-12T22:25:00","date_gmt":"2023-06-12T22:25:00","guid":{"rendered":"https:\/\/www.darkreading.com\/attacks-breaches\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info"},"modified":"2023-06-12T22:25:00","modified_gmt":"2023-06-12T22:25:00","slug":"new-loader-delivering-spyware-via-image-steals-cryptocurrency-info","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\/","title":{"rendered":"New Loader Delivering Spyware via Image Steals Cryptocurrency Info"},"content":{"rendered":"<p>A sophisticated attack by Russian-language actors is using a novel loader and a malware-laced PNG image file to drop malware for stealing cryptocurrency or business account information, researchers said. The multistage campaign appears to be primarily targeting entities in Europe, the United States, and Latin America, <a href=\"https:\/\/securelist.com\/doublefinger-loader-delivering-greetingghoul-cryptocurrency-stealer\/109982\/\" target=\"_blank\" rel=\"noopener\">Kaspersky researchers wrote in a blog post<\/a> published June 12.<\/p>\n<p>The attack begins with <span>&#8220;DoubleFinger,&#8221; a multistage loader that drops an image file containing malicious code onto a victim&#8217;s computer. The malware infects victims with &#8220;GreetingGhoul,&#8221; a novel stealer specially designed to siphon off cryptocurrency credentials.<\/span><\/p>\n<p><span>However, DoubleFinger isn&#8217;t exclusive to cryptocurrency attacks, the Kaspersky researchers said, as researchers also observed it dropping <\/span><a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/remcos-rat-tax-pros-worksers-filing-info\" target=\"_blank\" rel=\"noopener\"><span><\/span>Remcos RAT<\/a><span>, a popular tool among financially motivated cybercriminals. 
Once the <\/span>Remcos RAT <a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/remcos-rat-spyware-machines-cloud-servers\" target=\"_blank\" rel=\"noopener\">gets into an enterprise network<\/a>, stopping the malware and its follow-on attacks can be difficult for businesses.<\/p>\n<p><span>Russian-language artifacts within the code suggest that the perpetrators of this campaign come from a Commonwealth of Independent States nation, though the researchers qualified that &#8220;the pieces of Russian text and the victimology are not enough to conclude that the ones behind this campaign are indeed from the post-Soviet space.&#8221;<\/span><span><\/span><\/p>\n<h2 class=\"regular-text\">Steganography for Cryptocurrency<\/h2>\n<p><span>DoubleFinger attacks begin with a phishing email. If the victim clicks on the associated malicious program information file (.pif), this triggers a chain reaction leading to some malicious shellcode downloading a PNG image from imgur.com. The seemingly nondescript image utilizes <\/span><a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/steganography-use-on-the-rise-among-cyber-espionage-cybercrime-groups\" target=\"_blank\" rel=\"noopener\"><span><\/span>steganography \u2014 hiding secret information within nonsecret data<\/a><span>. The shellcode searches the PNG for a particular string in its code, 0xea79a5c6, which contains an encrypted payload.<\/span><\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/lh3.googleusercontent.com\/BusNAxX04pIE-ymX3rYTMLSBotgPGb0svWXgzGmdGdJ8S8vB4u4EDBZNjFNgGzDlnhy1iD346h0feUv0e-1NEV3dNy33gjmx8hOwsEDw_DmrOFgvJEZfwHoHZGStsaFGIH24sO8pe9UBXmn14yHLNLA\" alt=\"The PNG with embedded shellcode. \"><\/figure>\n<p><span><em>The PNG with embedded shellcode. 
Source: Kaspersky<\/em><\/span><\/p>\n<p><span>At the end of this attack chain, more often than not, is GreetingGhoul, an infostealer with two primary functions: It can detect victims&#8217; cryptocurrency wallet apps and steal the sensitive credentials associated with them. GreetingGhoul uses <\/span><a href=\"https:\/\/learn.microsoft.com\/en-us\/microsoft-edge\/webview2\/\" target=\"_blank\" rel=\"noopener\"><span><\/span>MS WebView2<\/a><span> \u2014 a tool for embedding web code into desktop apps \u2014 to overlay phishing pages on top of legitimate crypto-wallet interfaces. It&#8217;s a move that evokes <\/span><span><\/span>banking Trojans of old<span>, as users unwittingly type their sensitive wallet credentials into attacker-controlled fields.<\/span><\/p>\n<p><span>The image below, for example, depicts an overlay mimicking Ledger, the world&#8217;s most popular vendor for cryptocurrency hardware wallets. It prompts victims to enter their wallet&#8217;s seed phrase \u2014 the ultrasensitive set of 12 or 24 words which generates their private key, and grants unfettered access to all contents of the wallet. This is why <\/span><a href=\"https:\/\/www.ledger.com\/blog\/how-to-protect-your-seed-phrase\" target=\"_blank\" rel=\"noopener\">cryptocurrency investors are regularly reminded<\/a> never to give anyone the seed phrases used to access their wallets.<\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/lh3.googleusercontent.com\/Gwxq-V-w4ZNKcNrYKVXkID_dQRob7RlXnvg7NqiXVKU9sQ8Q7oBlIbMSRvVbVzu43CHPoRo36bhzrN0JLDmGrztAjZBlF-DW-PCG9hT_rt4gyvKc5N49q-XxWVqZ5fOZbMRaKOQuAEaVmT5FLWdM65E\" alt=\"An overlay mimicking Ledger, the world's most popular vendor for cryptocurrency hardware wallets. 
It prompts victims to enter their wallet's seed phrase.\"><\/figure>\n<p><span><em>Source: Kaspersky<\/em><\/span><\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sophisticated attackers are lacing malware into PNG image files in order to steal cryptocurrency and business information. Read More <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-52313","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>New Loader Delivering Spyware via Image Steals Cryptocurrency Info 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 
100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"New Loader Delivering Spyware via Image Steals Cryptocurrency Info 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-06-12T22:25:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/lh3.googleusercontent.com\/BusNAxX04pIE-ymX3rYTMLSBotgPGb0svWXgzGmdGdJ8S8vB4u4EDBZNjFNgGzDlnhy1iD346h0feUv0e-1NEV3dNy33gjmx8hOwsEDw_DmrOFgvJEZfwHoHZGStsaFGIH24sO8pe9UBXmn14yHLNLA\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"New Loader Delivering Spyware via Image Steals Cryptocurrency Info\",\"datePublished\":\"2023-06-12T22:25:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\\\/\"},\"wordCount\":431,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/lh3.googleusercontent.com\\\/BusNAxX04pIE-ymX3rYTMLSBotgPGb0svWXgzGmdGdJ8S8vB4u4EDBZNjFNgGzDlnhy1iD346h0feUv0e-1NEV3dNy33gjmx8hOwsEDw_DmrOFgvJEZfwHoHZGStsaFGIH24sO8pe9UBXmn14yHLNLA\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\\\/\",\"name\":\"New 
Loader Delivering Spyware via Image Steals Cryptocurrency Info 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/lh3.googleusercontent.com\\\/BusNAxX04pIE-ymX3rYTMLSBotgPGb0svWXgzGmdGdJ8S8vB4u4EDBZNjFNgGzDlnhy1iD346h0feUv0e-1NEV3dNy33gjmx8hOwsEDw_DmrOFgvJEZfwHoHZGStsaFGIH24sO8pe9UBXmn14yHLNLA\",\"datePublished\":\"2023-06-12T22:25:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\\\/#primaryimage\",\"url\":\"https:\\\/\\\/lh3.googleusercontent.com\\\/BusNAxX04pIE-ymX3rYTMLSBotgPGb0svWXgzGmdGdJ8S8vB4u4EDBZNjFNgGzDlnhy1iD346h0feUv0e-1NEV3dNy33gjmx8hOwsEDw_DmrOFgvJEZfwHoHZGStsaFGIH24sO8pe9UBXmn14yHLNLA\",\"contentUrl\":\"https:\\\/\\\/lh3.googleusercontent.com\\\/BusNAxX04pIE-ymX3rYTMLSBotgPGb0svWXgzGmdGdJ8S8vB4u4EDBZNjFNgGzDlnhy1iD346h0feUv0e-1NEV3dNy33gjmx8hOwsEDw_DmrOFgvJEZfwHoHZGStsaFGIH24sO8pe9UBXmn14yHLNLA\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-
loader-delivering-spyware-via-image-steals-cryptocurrency-info\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"New Loader Delivering Spyware via Image Steals Cryptocurrency Info\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence 
Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"New Loader Delivering Spyware via Image Steals Cryptocurrency Info 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\/","og_locale":"en_US","og_type":"article","og_title":"New Loader Delivering Spyware via Image Steals Cryptocurrency Info 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-06-12T22:25:00+00:00","og_image":[{"url":"https:\/\/lh3.googleusercontent.com\/BusNAxX04pIE-ymX3rYTMLSBotgPGb0svWXgzGmdGdJ8S8vB4u4EDBZNjFNgGzDlnhy1iD346h0feUv0e-1NEV3dNy33gjmx8hOwsEDw_DmrOFgvJEZfwHoHZGStsaFGIH24sO8pe9UBXmn14yHLNLA","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. 
reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"New Loader Delivering Spyware via Image Steals Cryptocurrency Info","datePublished":"2023-06-12T22:25:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\/"},"wordCount":431,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\/#primaryimage"},"thumbnailUrl":"https:\/\/lh3.googleusercontent.com\/BusNAxX04pIE-ymX3rYTMLSBotgPGb0svWXgzGmdGdJ8S8vB4u4EDBZNjFNgGzDlnhy1iD346h0feUv0e-1NEV3dNy33gjmx8hOwsEDw_DmrOFgvJEZfwHoHZGStsaFGIH24sO8pe9UBXmn14yHLNLA","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\/","url":"https:\/\/www.threatshub.org\/blog\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\/","name":"New Loader Delivering Spyware via Image Steals Cryptocurrency Info 2026 | ThreatsHub Cybersecurity 
News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\/#primaryimage"},"thumbnailUrl":"https:\/\/lh3.googleusercontent.com\/BusNAxX04pIE-ymX3rYTMLSBotgPGb0svWXgzGmdGdJ8S8vB4u4EDBZNjFNgGzDlnhy1iD346h0feUv0e-1NEV3dNy33gjmx8hOwsEDw_DmrOFgvJEZfwHoHZGStsaFGIH24sO8pe9UBXmn14yHLNLA","datePublished":"2023-06-12T22:25:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\/#primaryimage","url":"https:\/\/lh3.googleusercontent.com\/BusNAxX04pIE-ymX3rYTMLSBotgPGb0svWXgzGmdGdJ8S8vB4u4EDBZNjFNgGzDlnhy1iD346h0feUv0e-1NEV3dNy33gjmx8hOwsEDw_DmrOFgvJEZfwHoHZGStsaFGIH24sO8pe9UBXmn14yHLNLA","contentUrl":"https:\/\/lh3.googleusercontent.com\/BusNAxX04pIE-ymX3rYTMLSBotgPGb0svWXgzGmdGdJ8S8vB4u4EDBZNjFNgGzDlnhy1iD346h0feUv0e-1NEV3dNy33gjmx8hOwsEDw_DmrOFgvJEZfwHoHZGStsaFGIH24sO8pe9UBXmn14yHLNLA"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/new-loader-delivering-spyware-via-image-steals-cryptocurrency-info\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"New Loader Delivering 
Spyware via Image Steals Cryptocurrency Info"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.o
rg\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52313","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=52313"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52313\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=52313"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=52313"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=52313"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}