Warning: Undefined variable $comments_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 527

Hackers abuse leaked Shellter red team tool to deploy infostealers

Shellter Project, the vendor of a commercial AV/EDR evasion loader for penetration testing, confirmed that hackers used its Shellter Elite product in attacks after a customer leaked a copy of the software. In a report on July 3rd, Elastic Security Labs disclosed that multiple threat actors have been abusing Shellter Elite v11.0 to deploy infostealers, including Rhadamanthys, Lumma, and Arechclient2. Shellter Elite is a commercial AV/EDR evasion loader used by security professionals (red teams and penetration testers) to deploy payloads stealthily within legitimate Windows binaries, evading EDR tools during security engagements. Based on the unique license timestamps, the researchers hypothesized that the threat actors were using a single leaked copy, which Shellter subsequently officially confirmed. Elastic has developed detections for v11.0-based samples, so payloads crafted with that version of Shellter Elite are now detectable. "We discovered that a company which had recently purchased Shellter Elite licenses had leaked their copy of the software," Shellter says in a statement. Shellter released Elite version 11.1 which it will only distribute to vetted customers, excluding the one that leaked the previous version. The abuse has kept going for several months and even though security researchers caught the activity in the wild, Shellter did not receive a notification.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 07 Jul 2025 14:50:10 +0000

Cyber News related to Hackers abuse leaked Shellter red team tool to deploy infostealers

Hackers abuse leaked Shellter red team tool to deploy infostealers - Shellter Project, the vendor of a commercial AV/EDR evasion loader for penetration testing, confirmed that hackers used its Shellter Elite product in attacks after a customer leaked a copy of the software. In a report on July 3rd, Elastic Security ...
2 months ago Bleepingcomputer.com

Warning: Undefined array key "host" in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 364

Warning: Undefined variable $domain_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 466

CVE-2024-58071 - In the Linux kernel, the following vulnerability has been resolved: ...
6 months ago

Why Infostealers are Stealing the Security Spotlight - The threat from Malware continues to escalate with infostealers, an increasingly popular variant. Research found that 24% of malware is now infostealers, and it's now one of the most popular topics on the cybercriminal underground. The malicious ...
1 year ago Cybersecurity-insiders.com

Threat Actors Abused AV - EDR Evasion Framework In-The-Wild to Deploy Malware Payloads - Cybersecurity researchers have uncovered a concerning development as malicious actors began exploiting SHELLTER, a commercial anti-virus and endpoint detection response (EDR) evasion framework, to deploy sophisticated malware payloads. The commercial ...
2 months ago Cybersecuritynews.com

10 Best Free Blue Team Tools in 2025 - IT security experts utilize blue team tools to protect against simulated cyber threats launched by the “red team” to improve cybersecurity and penetration testing procedures. Sigma is a blue team tool for creating and using signatures ...
5 months ago Cybersecuritynews.com

Detecting Vulnerability Scanning Traffic From Underground Tools Using Machine Learning - Our structured query language (SQL) injection detection model detected triggers containing unusual patterns that did not correlate to any known open-source or commercial automated vulnerability scanning tool. We have tested all malicious payloads ...
11 months ago Unit42.paloaltonetworks.com

Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets - Infostealers infect computers, steal all of the credentials saved in the browser along with active session cookies and other data, then export it back to command and control infrastructure before, in some cases, self-terminating. This article will ...
1 year ago Bleepingcomputer.com

Beyond Protocols: How Team Camaraderie Fortifies Security - When we think about the many different tasks a security team must complete, many of them are challenging and time consuming, to say the least. Logic would dictate that if the security team is of high quality and its members enjoy working with one ...
1 year ago Securityweek.com

How to build a cyber incident response team - As an incident response manager himself, Valentin regularly coordinates security responses for companies of all shapes and sizes - including many of the examples discussed in this post. He explains everything you need to know about building and ...
1 year ago Heimdalsecurity.com

10 Best Ransomware File Decryptor Tools in 2025 - Kaspersky Rakhni Decryptor contains different decryption tools based on various versions of Rakhni ransomware and helps you decrypt encrypted files on your system. PyLocky Ransomware Decryption Tool is a free and open source developed and released by ...
5 months ago Cybersecuritynews.com

Meet the new CloudGuard: Risk Management in Action - Security teams need to plan the measures taken to reduce the harmful effects of a CVE, to ensure that the applications they are managing remain secure while business availability is not affected, and developers can continue with their day-to-day ...
1 year ago Blog.checkpoint.com

Alleged ShinyHunters Hacker Pleads Not Guilty After US Extradition - The ShinyHunters group is known for some of the largest data breaches in 2021-2022, in which the personal data of hundreds of millions of users was leaked on the now-seized Raidforums. In July 2022, HackRead.com reported on Sebastian Raoult, an ...
2 years ago Hackread.com Hunters

Red Hat OpenShift Service on AWS obtains FedRAMP "Ready" designation - This means that Red Hat is now listed on the FedRAMP Marketplace as actively pursuing JAB authorization, with additional updates showing our progress and achievements across the two paths for authorization: The existing Agency Authority to Operate ...
1 year ago Redhat.com

Top 30 Best Penetration Testing Tools - 2025 - The tool supports various protocols and offers advanced filtering and analysis capabilities, making it ideal for diagnosing network issues, investigating security incidents, and understanding complex network interactions during penetration testing. ...
5 months ago Cybersecuritynews.com

Failing Upwards: Put on your own mask before assisting others - From poor leaders, I've learned what doesn't work: breaking the team's trust, operating without transparency, employing a destructive and unempathetic approach, micromanaging, and setting people up for failure. In contrast to the negative leadership ...
1 year ago Blog.zsec.uk

Optimizing Cybersecurity: How Hackers Use Golang Source Code Interpreter to Evade Detection - Hackers have been upping the stakes when it comes to executing cyberattacks, and an increasingly popular tool in their arsenal is the Golang source code interpreter. Reportedly, the interpreter is used to obfuscate code, thus making it harder for ...
2 years ago Bleepingcomputer.com

Iran-linked hackers claim to leak troves of documents from Israeli hospital - A hacker group allegedly linked to Iran claimed to have leaked thousands of medical records from an Israeli hospital, including those of Israeli soldiers. In a cyberattack on Ziv Medical Center in the city of Safed, near the border with Syria and ...
1 year ago Therecord.media MuddyWater

70 million account credentials were leaked in a massive password dump - A security researcher has unearthed what appears to be one of the biggest password dumps ever. Over 70 million unique credentials have been leaked on the dark web. ADVERTISEMENT. The news came to light when Troy Hunt, the owner of the popular breach ...
1 year ago Ghacks.net

Do More with Security Orchestration, Automation, and Response - Today, security operations center teams face dual challenges of acquiring both the right caliber and quantity of staff. With this gap, it's important for SOC teams to consider security, orchestration, automation and response solutions to automate ...
1 year ago Securityboulevard.com

23andMe confirms nearly 7 million customers affected in data leak - Nearly 7 million 23andMe customers had their profile data leaked in a cybersecurity incident in October, a company spokesperson confirmed to SC Media on Monday. The vast majority of the leaked data was scraped from the site's DNA Relatives feature ...
1 year ago Packetstormsecurity.com

20 Best Inventory Management Tools in 2025 - inFlow Inventory is a comprehensive inventory management tool designed for small to medium-sized businesses, offering features like real-time stock tracking, order management, and barcode scanning to streamline operations. The tool provides advanced ...
1 month ago Cybersecuritynews.com

TeamViewer abused to breach networks in new ransomware attacks - Ransomware actors are again using TeamViewer to gain initial access to organization endpoints and attempt to deploy encryptors based on the leaked LockBit ransomware builder. TeamViewer is a legitimate remote access tool used extensively in the ...
1 year ago Bleepingcomputer.com LockBit

How Hackers Interrupted GTA 5 Online Gameplay on PC - Recently, a cyber-attack on Grand Theft Auto 5 Online on PC caused an interruption to thousands of players’ gameplays. The game was completely taken offline and players couldn’t even access the main gameplay menu. The attack caused an uproar ...
2 years ago Hackread.com

Why Red Teams Can't Answer Defenders' Most Important Questions - Red teaming is useful for plenty of other things, but it's the wrong protocol for answering this specific question about defense efficacy. By their nature, they only test a few specific variants of a few possible attack techniques that an adversary ...
1 year ago Darkreading.com

Hackers email stolen student data to parents of Nevada school district - The Clark County School District in Nevada is dealing with a potentially massive data breach, as hackers email parents their children's' data that was allegedly stolen during a recent cyberattack. CCSD is the fifth largest school district in the US, ...
1 year ago Bleepingcomputer.com