Latest Posts

From Windows Telemetry to Arrest: How Microsoft’s GDID Helped Connect the Dots

08 Jul 2026

Dark Atlas
DarkAtlas Squad

From Windows Telemetry to Arrest: How Microsoft’s GDID Helped Connect the Dots

Executive Summary The arrest and extradition of an alleged Scattered Spider member drew attention for more than the charges themselves. The most revealing detail appeared inside the court documents: Microsoft telemetry associated with a Global Device Identifier, or GDID, helped investigators connect online activity to a specific Windows installation. According to the complaint, Microsoft records […]

LoaderClient Malware Analysis: How WeedHack Uses Ethereum Smart Contracts for Resilient C2 Infrastructure

24 Jun 2026

Dark Atlas
DarkAtlas Squad

LoaderClient Malware Analysis: How WeedHack Uses Ethereum Smart Contracts for Resilient C2 Infrastructure

Executive Summary LoaderClient is a Minecraft-based malware loader linked to the WeedHack Malware-as-a-Service campaign. It is distributed as a malicious Minecraft Fabric mod and is designed to steal Minecraft session data, including display name, account UUID, and live Microsoft OAuth access tokens. What makes LoaderClient especially notable is its command and control architecture. Instead of […]

How a Go Binary Locks Down Enterprise Networks in Minutes: The Story Behind Gentlemen Ransomware

09 Jun 2026

Dark Atlas
DarkAtlas Squad

How a Go Binary Locks Down Enterprise Networks in Minutes: The Story Behind Gentlemen Ransomware

Overview The enterprise threat landscape in 2026 has been reshaped by the rapid ascent of “The Gentlemen” — a Ransomware-as-a-Service (RaaS) operation tracked by Microsoft Threat Intelligence as Storm-2697 and by other security research firms under the alias LARVA-368. Since its emergence in mid-2025, this financially motivated syndicate has scaled faster than any other ransomware group on record, […]

Categories

Discover the latest articles and insights on Dark Atlas

All
Threat Intelligence
Malware Analysis
Threat Profile
Infrastructure adversary hunting
Supply Chain
Vulnerability Intelligence
Uncategorized
Image placeholder

Image placeholder

Image placeholder

Image placeholder

Image placeholder

Image placeholder

Image placeholder

Image placeholder

Image placeholder

Contact Us

Experience the power of #1 AI-Powered eXtended Cyber Intelligence Platform

Subscribe

New Security Updates Weekly!