
ANY.RUN Reveals Major Cyber Attacks in July: Fake 7-Zip App, New DeerStealer Campaign, and More

DUBAI, DUBAI, UNITED ARAB EMIRATES, July 30, 2025 /EINPresswire.com/ -- ANY.RUN has released its July 2025 cyber threat report. The study highlights the most active malware families, infection techniques, and a growing trend: cybercriminals are increasingly using legitimate Remote Monitoring and Management (RMM) software to attack corporate systems.

๐Š๐ž๐ฒ ๐Ÿ๐ข๐ง๐๐ข๐ง๐ ๐ฌ ๐Ÿ๐ซ๐จ๐ฆ ๐‰๐ฎ๐ฅ๐ฒ ๐Ÿ๐ŸŽ๐Ÿ๐Ÿ“
โ— DeerStealer campaign: spread via obfuscated .LNK shortcuts. Execution goes through mshta.exe and PowerShell, allowing malware to bypass basic defenses and deliver payloads silently.
โ— Fake 7โ€‘Zip installer: downloads a malicious archive that extracts Active Directory files, including ntds.dit and the SYSTEM hive. Attackers can use this data for privilege escalation and full domain compromise.
โ— Snake Keylogger activity: increased attacks against banking and financial services. The malware uses multiple layers of obfuscation, LOLBins, and registry changes for persistence.

๐๐ซ๐จ๐š๐๐ž๐ซ ๐ญ๐ซ๐ž๐ง๐๐ฌ ๐ข๐ง ๐Ÿ๐ŸŽ๐Ÿ๐Ÿ“
โ— ๐€๐›๐ฎ๐ฌ๐ž ๐จ๐Ÿ ๐‘๐Œ๐Œ ๐ญ๐จ๐จ๐ฅ๐ฌ: attackers often rely on tools normally used by IT teams to gain remote access and move inside networks.
โ— ๐“๐จ๐ฉ ๐Ÿ“ ๐š๐›๐ฎ๐ฌ๐ž๐ ๐‘๐Œ๐Œ ๐ฌ๐จ๐ฅ๐ฎ๐ญ๐ข๐จ๐ง๐ฌ (๐‡๐Ÿ ๐Ÿ๐ŸŽ๐Ÿ๐Ÿ“): ScreenConnect, UltraVNC, NetSupport, PDQ Connect, Atera.
โ— ๐‹๐ข๐ฏ๐ข๐ง๐ -๐จ๐Ÿ๐Ÿ-๐ญ๐ก๐ž-๐ฅ๐š๐ง๐ ๐ญ๐š๐œ๐ญ๐ข๐œ๐ฌ: cybercriminals increasingly use built-in Windows tools to stay undetected.
โ— ๐’๐ญ๐ž๐š๐ฅ๐ž๐ซ ๐ฆ๐š๐ฅ๐ฐ๐š๐ซ๐ž ๐ ๐ซ๐จ๐ฐ๐ญ๐ก: campaigns distributing informationโ€‘stealers remain among the most common threats, often delivered through phishing emails or fake software installers.

Visit the ANY.RUN blog for more details.

๐‡๐จ๐ฐ ๐€๐๐˜.๐‘๐”๐ ๐ก๐ž๐ฅ๐ฉ๐ฌ ๐›๐ฎ๐ฌ๐ข๐ง๐ž๐ฌ๐ฌ๐ž๐ฌ ๐๐ž๐ญ๐ž๐œ๐ญ ๐ง๐ž๐ฐ ๐š๐ญ๐ญ๐š๐œ๐ค๐ฌ ๐ž๐š๐ซ๐ฅ๐ฒ
All the threats were identified using ANY.RUNโ€™s malware analysis and threat intelligence solutions that empower companies across finance, healthcare, IT, government, and other industries to catch attacks before they cause damage.

Hereโ€™s how ANY.RUN helps companies stay safer:
โ— Faster detection of threats and reduced Mean Time to Detect (MTTD)
โ— Full visibility into what threats do on the system without any guesswork
โ— Immediate access to IOCs for SIEM enrichment and faster response
โ— Less manual effort for analysts, thanks to automated analysis
โ— Lower risk of breaches, data loss, and business disruption
โ— Shareable, detailed reports for internal teams, clients, or compliance needs

๐€๐›๐จ๐ฎ๐ญ ๐€๐๐˜.๐‘๐”๐
ANY.RUN is a provider of cybersecurity solutions. Among its products are Interactive sandbox for analysis of malicious behavior in real time and threat intelligence solutions TI Lookup and TI Feeds suitable for browsing and monitoring emerging and evolving threats targeting over 15,000 companies in sectors like finance, manufacturing, and healthcare.

The ANY.RUN team
ANYRUN FZCO
+1 657-366-5050