During August 2025, Lab52 gained access to artifacts linked to Lazarus through DreamJob campaigns. Some of these artifacts and their operational details were recently highlighted by ESET (e.g., radcui.dll, HideFirstLetter.dll).From our perspective, one of the most notable aspects of this campaign is the use of various types of loaders — components capable of deploying different […]
RansomHub Ransomware – New Infection Chains Unveiled
From Lab52, we are very aware that in the fight against ransomware, we must not focus solely on the final artifact but must pay attention to every phase of deployment. Unfortunately, it will not always be possible to accurately identify the entire infection chain, as highlighted in the latest statistics by Coveware. The objective of […]
Ransomware’s Christmas Carol
Around mid-year, Lab52 published a report on ransomware that included both geopolitical and cyber intelligence content. The report includes the analysis of different sources of information and showcasing some of our cyberintelligence findings in this regard. However, the activity of this type of malware prompts Lab52 to closely track the various recorded cases. Therefore, taking […]