Russian Hackers Exploit Adaptix Pentesting Tool in Ransomware Attacks

Silent Push wars of Russian hackers exploiting Adaptix, a pentesting tool built for Windows, Linux, and macOS, in ransomware campaigns.

Silent Push researchers have identified Russian-linked ransomware groups abusing Adaptix, a legitimate penetration testing tool now used to deliver malware targeting infrastructure worldwide.

The investigation began when Silent Push researchers were tracking a new malware loader called CountLoader. During that work, they noticed Adaptix being deployed to drop malicious payloads, leading the team to dig deeper. Once detection methods were updated, new activity started appearing across multiple campaigns, suggesting that cybercriminals had already adopted Adaptix as part of their toolkit.

It is worth noting that last month, researchers identified the CountLoader malware after it was spotted twice in campaigns posing as emails from the Ukrainian police. In the first case, Silent Push analysts observed attackers using a fake PDF notice to trick recipients into downloading and running CountLoader.

The second ...