We discovered a new BEC infrastructure: What happens when a 20-year-old domain is used in a BEC attack? An analysis of a phishing attack using a malicious SVG File.
KarstoRat (Remote Access Trojan) is an advanced modular malware consisting of 7 different modules, first detected in February 2026. This malware is designed for cyber espionage and financial gain and has been found to operate through a C2 infrastructure located in Germany.
The MaaS (Malware as a Service) model continues to evolve in the world of cybercrime. This new mobile spyware platform, dubbed “ZeroDayRAT” and examined by Cyberthint researchers, allows anyone without technical expertise to become an advanced cyber spy.
Attacks that exploit regional and cultural elements are on the rise in the cybercrime world. A new Android banking malware called “Frogblight” is running a sophisticated campaign specifically targeting Turkish users.
This analysis covers the social engineering techniques used by Frogblight (fake applications disguised as e-Devlet/UYAP), its technical evolution, and the precautions that institutions/users should take.
Cyberthint Threat Hunters have analyzed a large-scale smishing attack targeting Turkish citizens residing in Istanbul, Turkey for our dear readers/followers.
WhiteSnake Stealer is a stealer malware sold on underground hacker/cybercrime forums, first observed in early February of 2023. It has been developed in .NET language and can run on Windows and Linux as a cross-platform.