EclecticIQ
Ragnarok Phorpiex US Cryptocurrency Heists

EclecticIQ Threat Research Team September 13, 2021

Threat Actor Update: Ragnarok and Phorpiex Disappearance from Malware Landscape is Unlikely to Reduce the Threat

According to separate articles from E Hacking News, two ransomware families ceased operations during the last week of August. The Ragnarok ransomware group, also known as Asnarok, published a master decryption key online and ceased all other operations without an explanation. The group had been active since at least 2019. (1) Similarly, the creators of the Phorpiex botnet abandoned operations and are offering the malware source code for sale online. The botnet’s two original developers are no longer maintaining the botnet, which is the implied reason for the shutdown. (2)

The current cyber threat landscape remains full of malware families whose tools and operations continue growing in size and sophistication, so the shutdown of two known malware families will probably have a negligible impact on the cyber threat landscape in the medium-to-long term. EclecticIQ threat researchers assess that skilled threat actors associated with either organization will probably easily transition to working on other malware projects. Analysts will watch for indications about the amount paid for Phorpiex’s source code—if it sells. An especially quick or lucrative sale could shed light on the demand for off-the-shelf, proven-to-work malware code.

Policy and Governance: U.S. Brings Industry Leaders Together to Initiate Cyber Cooperation

On 25 August, U.S. President Joe Biden convened a meeting of leaders from across industry and academia to discuss a “whole of nation” approach to cybersecurity, which the Biden administration called a “national security and economic security imperative.” Among the pronouncements from the meeting, the government pledged to establish a new supply chain security framework, and to add natural gas pipelines to the Industrial Control Systems Cybersecurity Initiative. Top-tier tech companies, educational institutions and non-governmental organizations pledged a variety of cyber education and investment initiatives, some spanning the next several years. (3)

Cooperative efforts like this one, which cross the government-industry-academia divide, are helpful first steps in becoming more cyber-secure. Nonetheless, implementing real cybersecurity initiatives will undoubtedly be extremely costly and time-consuming, and the biggest challenge will be ensuring that cooperation continues long-term. Governments will be most successful in partnering with the tech industry if they incentivize voluntary cybersecurity measures, demonstrate the fiscal benefits of preventing attacks, and take a cooperative (not adversarial) stance to assist victims of cyberattacks.

New and Noteworthy: Yet Another Crypto Heist Illustrates Enduring Risk of Cyber Theft to Cryptocurrency Assets

Decentralized Finance (DeFi) organization Cream Finance suffered a loss of over $34 million when an attacker exploited a vulnerability to make off with Ethereum and AMP tokens. Cream Finance is offering to let the thief keep 10% of the stolen tokens as a bounty as long as he returns the remaining 90%. The company is also offering 50% of the assets to anybody who provides information about the attacker. Notwithstanding those two options, the company pledged to set aside 20% of its protocol fees to replace customers’ lost assets. (4) This theft comes on the heels of attacks on other cryptocurrency assets at Poly Network, Liquid, and Popsicle Finance, each of which was a victim of crypto theft in August. (5, 6, 7)

This spate of thefts is probably a result of several factors which contribute to the growing appeal of stealing cryptocurrency assets. As expected, the risk of theft of cryptocurrency assets will continue to rise as cryptocurrency gains popularity and as the number of cryptocurrency vendors grows. Both factors will increase the sheer number of opportunities for theft. Furthermore, the lack of legislation surrounding crypto-related crimes leaves companies to fend for themselves in the aftermath of a theft. The current trend of offering amnesty, financial reward, or even employment to cryptocurrency thieves will reinforce the notion that this activity is somehow less destructive and thus more acceptable than traditional robberies. Crypto investors would be wise to consider these heightened risks when investing in crypto assets until companies demonstrate mature security capabilities for crypto assets.

About EclecticIQ Threat Research

EclecticIQ is a global provider of threat intelligence, hunting and response technology and services. Headquartered in Amsterdam, the EclecticIQ Threat Research team is made up of experts from Europe and the U.S. with decades of experience in cyber security and intelligence in industry and government.

We would love to hear from you. Please send us your feedback by emailing us at research@eclecticiq.com.

Appendix:

  1. https://www.ehackingnews.com/2021/08/ragnarok-ransomware-gang-releases-free.html
  2. https://www.ehackingnews.com/2021/08/phorpiex-malware-has-shut-down-their.html
  3. https://www.whitehouse.gov/briefing-room/statements-releases/2021/08/25/fact-sheet-biden-administration-and-private-sector-leaders-announce-ambitious-initiatives-to-bolster-the-nations-cybersecurity/
  4. https://www.zdnet.com/article/cream-finance-wallet-pilfered-for-34-million-in-cryptocurrency/#ftag=RSSbaffb68
  5. https://www.ehackingnews.com/2021/08/the-hacker-behind-biggest-crypto-heist.html
  6. https://www.welivesecurity.com/2021/08/20/hackers-swipe-100million-cryptocurrency-exchange/
  7. https://www.coindesk.com/markets/2021/08/04/popsicle-finance-loses-207m-in-cyberattack/ 


© 2014 – 2021 EclecticIQ B.V.