Predict your next investment

INTERNET | Internet Software & Services / Social
stillactive.se


Stage

Incubator/Accelerator | Alive

About Still Active

Still Active is an activity booking platform offering a close community for people 60+. Users search for activities by interests and city and can book and pay for them on the website. Membership is free.

Still Active Headquarter Location

Stockholm, Sweden

Latest Still Active News

Phorpiex Botnet is Still Active and Thriving

May 25, 2021

Phorpiex, a botnet known for extortion campaigns, has started diversifying its infrastructure. The botnet has now become more resilient and spreads more dangerous payloads. According to Microsoft, it now maintains a large network of bots and performs malicious activities across new geographies.

What has happened?

Since 2018, the botnet has been observed conducting data exfiltration and ransomware delivery activities. Traditionally, it performed extortion and spamming activities; now, however, it is also focusing on cryptocurrency mining.

Phorpiex is spreading several ransomware families such as Nemty, Knot, BitRansomware (DSoftCrypt/ReadMe), GandCrab, Avaddon, and Pony.

The botnet’s geographic targeting has changed too. Previous campaigns were aimed at Japanese targets, while recent activities focus on global distribution.

Its tactics, techniques, and procedures stayed largely the same, with common filenames, execution patterns, and commands nearly consistent from early 2020 to date. However, the botnet has shifted some of its previous C2 architecture away from its usual hosting. It now prefers domain generation algorithm domains over static domains.

Additional insights

Phorpiex can propagate via several infection vectors, such as being loaded by other malware, unwanted programs, freeware, or via phishing emails from already-infected bots.

From December 2020 to February, it was spotted in 160 countries, including Mexico (8.5%), Kazakhstan (7.8%), and Uzbekistan (7.3%), while the U.S. accounted for only 2.8% of attacks.

The bot can disable Microsoft Defender antivirus to establish persistence on target machines. It can modify registry keys to disable antivirus and firewall functionality or popups.

The malware used social engineering tricks to lure its victims, such as sending messages about security bugs in Zoom, and earned around $13,000 in just 10 days.

Conclusion

The combination of multiple infection vectors, along with recent changes, makes this botnet complex and dangerous. For many years, though, the Phorpiex botnet has had the same internal infrastructure, with the same C2 mechanisms and source code. Experts suggest organizations have a reliable anti-malware solution and keep an eye on emerging threats.


