Amateur Hacker Leverages Bulletproof Hosting Server to Spread Malware
NetmanageIT OpenCTI - opencti.netmanageit.com

SUMMARY:
A novice cybercriminal, known as 'Coquettte', has been discovered using a Russian bulletproof hosting provider, Proton66, to distribute malware. The hacker's activities include deploying the Rugmi malware loader through a fake cybersecurity product website and selling guides for illegal substances and weapons. Coquettte is believed to be part of a loosely structured hacking collective called Horrid. The threat actor's infrastructure spans multiple domains and platforms, including GitHub, YouTube, and Last.fm. This network appears to serve as an incubator for aspiring cybercriminals, offering malware resources, hosting solutions, and a collaborative environment for underground hacking activities.
OPENCTI LABELS:
amadey, vidar, rescoms, lumma stealer, rugmi, amateur hacker, proton66, cybercrime incubator, bulletproof hosting, fake antivirus, raccoon stealer v2, illegal guides, horrid collective