Summary: EncryptHub, a financially motivated threat actor, is executing advanced phishing campaigns focused on deploying information stealers and ransomware while developing a new tool named EncryptRAT. The group utilizes a variety of distribution methods, including third-party PPI services, to enhance their attack efficacy. Organizations are urged to adopt multi-layered security strategies to combat these evolving threats.
Affected: Organizations across multiple industries
Keypoints :
- EncryptHub orchestrates sophisticated phishing attacks to compromise high-value targets through social engineering.
- Phishing campaigns often utilize trojanized versions of popular applications and rely on bulletproof hosting for phishing sites.
- As part of their evolving tactics, EncryptHub is developing EncryptRAT, a command-and-control panel for managing infections and stolen data.
Source: https://thehackernews.com/2025/03/encrypthub-deploys-ransomware-and.html