CyberMaterial: Threats

GoldPickaxe

CyberMaterial — Sat, 02 May 2026 14:01:48 GMT

Most people think mobile malware is about stolen passwords, banking logins, or credit card details.

But GoldPickaxe changed that.

This is one of the more dangerous mobile malware campaigns to emerge in recent years because it doesn’t stop at account access, it targets identity itself.

And that changes everything.

Watch Summary Video Below: ⬇️

Smishing Triad

CyberMaterial — Mon, 20 Apr 2026 21:00:44 GMT

Key facts

Threat type: SMS phishing and credential theft
Active since: Around 2021
Primary targets: Mobile users in Europe, Asia, and North America
Techniques: Spoofed SMS, fake websites, Android trojans
Goal: Harvest banking data and online account credentials

Watch Summary Video Below: ⬇️

FluBot / Android banking malware

CyberMaterial — Mon, 06 Apr 2026 18:04:08 GMT

FluBot is a fast-spreading mobile threat targeting users of Android devices. It’s designed to steal sensitive information—especially banking credentials—and spread itself aggressively through infected devices.

What it is:

FluBot is a banking trojan that primarily spreads through malicious SMS messages. Once installed, it can steal passwords, intercept SMS messages, and even take control of your device.

Watch Summary Video Below: ⬇️

CryptoCore / UNC1069

CyberMaterial — Thu, 19 Feb 2026 19:49:37 GMT

The group widely tracked as CryptoCore, also referred to by Mandiant as UNC1069, has evolved from traditional spear-phishing campaigns into multi-stage intrusions powered by AI-generated deception, deepfake video, and tailored malware frameworks.

This is not opportunistic crime. It is structured, patient, and increasingly sophisticated.

A Familiar Actor with Evolving Tradecraft

CryptoCore has been active since at least 2018, primarily targeting:

Storm-1811 (Cybercriminal) – Threat Actor

CyberMaterial — Mon, 03 Mar 2025 03:06:18 GMT

Storm-1811

Date of Initial Activity

April 2024

Suspected attribution

Cybercriminal

Government Affiliation

Motivation

Financial Gain

Associated tools

Quick Assist
Black Basta Ransomware
Batch Files
Custom Scrip…

CopyCop (State-Sponsored) – Threat Actor

CyberMaterial — Mon, 03 Mar 2025 03:05:03 GMT

CopyCop

Location

Russia

Date of Initial Activity

March 2024

Suspected attribution

State-sponsored Threar Group

Government Affiliation

Yes

Motivation

Spreading Disinformation campaigns by leveraging generative …

Storm-0539 – Threat Actor

CyberMaterial — Mon, 03 Mar 2025 03:03:04 GMT

Storm-0539

Location

Morocco

Date of Initial Activity

2021

Suspected Attribution

Cybercriminal

Motivation

Financial Gain

Overview

Storm-0539 is a sophisticated cybercrime group originating from Morocco and act…

Void Manticore (Storm-0842) – Threat Actor

CyberMaterial — Mon, 03 Mar 2025 02:56:16 GMT

Void Manticore

Other Names

Storm-0842

Karma

Homeland Justice

Location

Iran

Date of initial activity

2023

Suspected attribution

State-sponsored Threat Group

Government Affiliation

Yes

Associated Groups

Scarred Mant…

Unfading Sea Haze – Threat Actor

CyberMaterial — Mon, 03 Mar 2025 02:55:03 GMT

Unfading Sea Haze

Location

China

Date of initial activity

2018

Suspected attribution

Cybercriminal

Government Affiliation

Unknown

Motivation

Cyberespionage

Associated tools

SilentGh0st
.NET Payloads
Ps2dllLoader
Sh…

Ikaruz Red Team – Threat Actor

CyberMaterial — Mon, 03 Mar 2025 02:53:43 GMT

Ikaruz Red Team

Location

Turkey

Date of Initial Activity

2004

Suspected attribution

Hactivist Group

Government Affiliation

Unknown

Associated Groups

Turk Hack Team, PHEDS

Motivation

Hacktivism

Associated tools

Loc…

UAC-0188 (FRwL) – Threat Actor

CyberMaterial — Mon, 03 Mar 2025 02:52:10 GMT

UAC-0188

Other Names

From Russia With Love, FRwL

Location

Russia

Date of initial activity

2022

Suspected attribution

Hactivist Group

Government Affiliation

Unknown

Motivation

Hacktivism

Associated tools

Somnia Ran…

Ghostr (Cybercriminal) – Threat Actor

CyberMaterial — Mon, 03 Mar 2025 02:51:25 GMT

Ghostr

Location

China

Date of initial activity

2017

Suspected attribution

Cybercriminal

Government Affiliation

Associated Groups

APT10(MenuPass, POTASSIUM, Stone Panda, Red Apollo, and CVNX)

Motivation

Financ…

UAC-0200 (State-Sponsored) – Threat Actor

CyberMaterial — Mon, 03 Mar 2025 02:48:58 GMT

UAC-0200

Location

Luhansk People's Republic (LPR- self proclaimed breakaway region in ukraine supported by Russia)

Date of Initial Activity

2024

Suspected attribution

State-sponsored threat group

Government…

Turla (The Epic Turla, Snake) – Threat Actor

CyberMaterial — Mon, 03 Mar 2025 02:48:04 GMT

Turla

Other Names

The Epic Turla

Snake

Uroburos

Epic

Location

Russia

Date of initial activity

2004

Suspected attribution

State-sponsored Threat Group

Government Affiliation

Yes

Associated Groups

IRON HUNTER, Group …

Royal Tiger – Threat Actor

CyberMaterial — Mon, 03 Mar 2025 02:46:13 GMT

Royal Tiger

Date of Initial Activity

2024

Suspected Attribution

Cybercriminal

Government Affiliation

Motivation

Financial Gain

Overview

Royal Tiger, led by figures like Prince Jashvantlal Anand and Kausha…

Sharp Dragon (Sharp Panda) – Threat Actor

CyberMaterial — Mon, 03 Mar 2025 02:45:06 GMT

Sharp Dragon

Other Names

Sharp Panda

Panda

Panda Dragon

Location

China

Date of initial activity

2021

Suspected Attribution

Cybercriminal

Government Affiliation

Motivation

Cyberespionage

Associated Tools

VictoryD…

FlyingYeti (UAC-0149) – Threat Actor

CyberMaterial — Mon, 03 Mar 2025 02:44:28 GMT

FlyingYeti

Other Names

UAC-0149

Location

Russia

Date of Initial Activity

2014

Suspected Attribution

State-sponsored threat actor

Government Affiliation

Yes

Associated Groups

Fancy Bear, Cozy Bear, Sofacy

Motivat…

LilacSquid (UAT-4820) – Threat Actor

CyberMaterial — Mon, 03 Mar 2025 02:43:04 GMT

LilacSquid

Other Names

UAT-4820

Date of Initial Activity

2021

Suspected Attribution

Cybercriminal

Government Affiliation

Associated Groups

Unknown

Motivation

Financial Gain

Associated Tools

MeshAgent
PurpleInk
I…

Anon Black Flag Indonesia – Threat Actor

CyberMaterial — Mon, 03 Mar 2025 02:42:09 GMT

Anon Black Flag Indonesia

Location

Indonesia

Date of Initial Activity

2024

Suspected Attribution

Hacktivist Group

Government Affiliation

Motivation

Hacktivism

Overview

Anon Black Flag Indonesia is an influen…

Anonymous Bangladesh – Threat Actor

CyberMaterial — Mon, 03 Mar 2025 02:41:23 GMT

Anonymous Bangladesh

Other Names

Fidzxploit
Riski Haxor
Mr Exsploit Wmc

Location

Bangladesh

Date of initial activity

2024

Suspected Attribution

Hacktivist Group

Government Affiliation

Motivation

Hacktivism

CyberMaterial: Threats

GoldPickaxe

Watch Summary Video Below: ⬇️

Smishing Triad

Watch Summary Video Below: ⬇️

FluBot / Android banking malware

Watch Summary Video Below: ⬇️

CryptoCore / UNC1069

A Familiar Actor with Evolving Tradecraft

Storm-1811 (Cybercriminal) – Threat Actor

CopyCop (State-Sponsored) – Threat Actor

Storm-0539 – Threat Actor

Overview

Void Manticore (Storm-0842) – Threat Actor

Unfading Sea Haze – Threat Actor

Ikaruz Red Team – Threat Actor

UAC-0188 (FRwL) – Threat Actor

Ghostr (Cybercriminal) – Threat Actor

UAC-0200 (State-Sponsored) – Threat Actor

Turla (The Epic Turla, Snake) – Threat Actor

Royal Tiger – Threat Actor

Overview

Sharp Dragon (Sharp Panda) – Threat Actor

FlyingYeti (UAC-0149) – Threat Actor

LilacSquid (UAT-4820) – Threat Actor

Anon Black Flag Indonesia – Threat Actor

Overview

Anonymous Bangladesh – Threat Actor

Ov…