Today’s cyber threat landscape is rapidly evolving, making it increasingly difficult for adversaries to tell the difference between traditional malware families, as adversaries combine their capabilities to maximise their impact. Skitnet, an advanced multistage post-exploitation toolkit, is one of the best examples of this convergence, as it emerged as an evolution of the legacy Skimer malware, a sophisticated multi-stage post-exploitation toolkit.
Skitnet, which was once used as a tool for skimming card information from ATMs, has been repurposed as one of the strongest weapons in the arsenal of advanced ransomware groups, notably Black Basta. In the last few months, it has appeared again as part of a larger tactical shift aimed at focusing on stealth, persistent access, data exfiltration, and support for double extortion ransomware campaigns that move away from singular objectives like financial theft.
Since April 2024, Skitnet, which is also known as Bossnet in some underground circles, has been actively traded on darknet forums like RAMP, with a noticeable uptake noticed among cybercriminals by early 2025. This version has an enterprise-scale modular architecture, unlike its predecessor, which allows it to operate at an enterprise scale.
There is no need to worry about fileless execution, DNS-based communication for command-and-control (C2), system persistence, or seamless integr
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: