Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Ultraview AI

Ultraview AI Vendor Cyber Rating & Cyber Score

ultraview.io

UltraView mission is to enhance safety and operational efficiency in the aviation industry by delivering cutting-edge drone inspection technologies, to reduce aircraft downtime and promote a safer and more sustainable future.


Ultraview AI A.I CyberSecurity Scoring

Ultraview AI
Company Information
Website:http://www.ultraview.io
Employees number:13
Number of followers:1,785
NAICS:3364
Industry Type:Aviation and Aerospace Component Manufacturing
Homepage:ultraview.io
Ultraview AI Risk Score (AI oriented)
Between 700 and 749
logo
Ultraview AIAviation and Aerospace Component Manufacturing
Updated:
26/03/2026
734/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Ultraview AI Global Score (TPRM)
xxxx
logo
Ultraview AIAviation and Aerospace Component Manufacturing
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Ultraview AI
Ultraview AIModerate
Current Score
734Ba (MODERATE)
01000
1 incidents
-13 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
736Before Incident
JUNE 2026
735Before Incident
MAY 2026
735Before Incident
APRIL 2026
734Before Incident
MARCH 2026
744Before Incident
FEBRUARY 2026
744Before Incident
JANUARY 2026
744Before Incident
DECEMBER 2025
732Before Incident
NOVEMBER 2025
744Before Incident
Cyber Attack
01 Nov 2025Ultraview AI
Signal, Surfshark and UltraViewer: Silver Fox Abuses Stolen EV Certificates in AtlasCross RAT Malware Campaign

Silver Fox APT Targets Chinese-Speaking Users with Stealthy AtlasCross RAT Campaign

731After Incident
HIGH-13
SURSIGULT1774535812
Silver Fox APT Targets Chinese-Speaking Users with Stealthy AtlasCross RAT Campaign A Chinese-nexus advanced persistent threat (APT) group, tracked as Silver Fox (also known as Void Arachne and SwimSnake), is conducting a sophisticated campaign targeting Chinese-speaking users and professionals. Security researcher Maurice Fielenbach of Hexastrike uncovered the operation, which leverages typosquatted domains impersonating trusted brands like Surfshark, Signal, and Zoom to distribute malware. The attackers use stolen Extended Validation (EV) code-signing certificates issued to a Vietnamese entity, DUC FABULOUS CO.,LTD (valid until May 2027) to bypass security checks and establish deep persistence in enterprise networks. Victims are lured into downloading a ZIP archive containing a triple-nested Setup Factory installer, which deploys a trojanized Autodesk component (Schools.exe) alongside legitimate decoy applications like UltraViewer to avoid suspicion. The malware employs advanced evasion techniques, including Process Environment Block (PEB) walking and ROR13 hashing, to dynamically resolve APIs and evade static analysis. It retrieves a second-stage shellcode payload from its command-and-control (C2) server over raw TCP, then loads the AtlasCross RAT entirely in memory using a reflective loader, leaving no disk footprint. At the core of the attack is AtlasCross RAT, which integrates a custom PowerShell execution engine (PowerChell). This framework disables critical security mechanisms, including: - Antimalware Scan Interface (AMSI) - Event Tracing for Windows (ETW) - Constrained Language Mode (CLM) - ScriptBlock logging The RAT communicates with its C2 infrastructure using ChaCha20 encryption and hardware-generated random keys. To maintain persistence, it terminates TCP connections used by Chinese security tools like 360 Total Security and Huorong, preventing signature updates without killing processes. Additional tactics include DLL injection into WeChat (Wxfun.dll) for data harvesting and RDP session hijacking via tscon.exe. The campaign, active between November 2025 and March 2026, demonstrates Silver Fox’s evolution from driver-based process termination to network-level disruption, signaling a rapidly maturing threat actor. Key indicators of compromise (IOCs) include the stolen EV certificate (2C1D12F8BBE0827400A8440AF74FFFA8DCC8097C), C2 domain (bifa668.com), and typosquatted domains (www-surfshark[.]com, signal-signal[.]com). Security teams are advised to monitor for non-standard processes loading System.Management.Automation.dll and scheduled tasks under \Microsoft\Windows\AppID\.
INCIDENT DETAILS -
TYPE
APT Campaign
IMPACT
Data Compromised: Potential data harvesting via WeChat DLL injection and RDP session hijackingEnterprise networksWindows systemsOperational Impact: Disruption of security tools (360 Total Security, Huorong), potential RDP session hijackingIdentity Theft Risk: High (due to potential PII harvesting)
DATA BREACH
Personally Identifiable Information (PII)Potential WeChat dataSensitivity Of Data: HighData Exfiltration: Possible via AtlasCross RATData Encryption: ChaCha20 encryption for C2 communicationsPersonally Identifiable Information: Likely (via WeChat DLL injection)
OCTOBER 2025
744Before Incident
SEPTEMBER 2025
744Before Incident
AUGUST 2025
744Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Ultraview AI ?
?
What was Ultraview AI's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Ultraview AI's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Ultraview AI's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Ultraview AI's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Ultraview AI's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Ultraview AI's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Ultraview AI's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Ultraview AI's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Ultraview AI's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Ultraview AI's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Ultraview AI's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Ultraview AI's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Ultraview AI ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Ultraview AI's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?
Ultraview AI Cyber Scoring History | Rankiteo