| SYMBOL | COMMON_NAME | aka. SYNONYMS |
Molatori is a threat actor group identified by Malwarebytes researchers, known for utilizing malicious ScreenConnect clients hosted on domains like atmolatori.icu and gomolatori.cyou. They employ phishing tactics, masquerading as communications from the Social Security Administration to lure targets into installing the client. Once installed, the ScreenConnect client allows the actors to remotely access the victim's computer, facilitating the exfiltration of sensitive information such as banking details and personal identification numbers. The primary objective of the Molatori group is financial fraud, leveraging the stolen data for identity theft and other malicious activities.
There are currently no families associated with this actor.
| 2025-04-30
⋅
Malwarebytes
⋅
Fake Social Security Statement emails trick users into installing remote tool Molatori |