Malware Analysis - Security Intelligence

Woman using a laptop infected with a remote access Trojan (RAT)

article

Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT)

IBM X-Force researchers detected, reverse engineered, reconstructed and simulated a Delphi-based Brazilian remote access Trojan.

July 9, 2019 | By Pavel Asinovsky

article

Woman encountering a remote access Trojan (RAT) on her laptop.

article

Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)?

IBM X-Force researchers discovered, reverse engineered and reconstructed AVLay, a remote access Trojan that mixes DLL hijacking with a legitimate executable borrowed from various antivirus programs.

July 2, 2019 | By Pavel Asinovsky

article

Security professionals reverse engineering a remote access Trojan (RAT).

article

Taking Over the Overlay: Reverse Engineering a Brazilian Remote Access Trojan (RAT)

X-Force researchers discovered a new remote access Trojan variant that mixes Dynamic Link Library (DLL) hijacking with a legitimate executable borrowed from various antivirus programs.

July 1, 2019 | By Pavel Asinovsky

article

Security professional reading about the latest malware threats: malware

news

Web Servers Used to Host 10 Malware Families Distributed via Phishing Emails

Digital attackers used more than a dozen web servers to host 10 malware families and distributed those threats using phishing emails.

April 9, 2019 | By David Bisson

news

Security professionals analyzing a banking Trojan.

article

IcedID Banking Trojan Spruces Up Injection Tactics to Add Stealth

IBM X-Force analyzed modifications made to IcedID that help the banking Trojan act more stealthily on infected devices.

April 4, 2019 | By Nir Somech

article

Security professional monitoring organized cybercrime trends.

article

The Business of Organized Cybercrime: Rising Intergang Collaboration in 2018

In 2018, IBM X-Force researchers observed organized cybercrime groups collaborating, rather than competing over turf or even attacking each other, for the first time.

March 20, 2019 | By Limor Kessem

article

Professional working on a laptop in the office targeted with Ursnif banking malware

news

Threat Actor Targets Japanese Users With New Ursnif Variant

Security researchers discovered an attack campaign targeting Japanese users with a new variant of Ursnif banking malware.

March 13, 2019 | By David Bisson

news

Man entering credit card information on a laptop: IcedID

article

IcedID Operators Using ATSEngine Injection Panel to Hit E-Commerce Sites

The X-Force research team investigated the IcedID Trojan's two-step injection attack that enables it to steal access credentials and payment card data from e-commerce customers in North America.

February 6, 2019 | By Itzik Chimino

article

Two security professionals working on code in the office: Ursnif

news

Ursnif, Emotet, Dridex and BitPaymer Malware Families Team Up to Wreak Havoc

Researchers discovered a link between four malware families — Ursnif, Emotet, Dridex and BitPaymer — that suggests threat actors may be combining efforts to develop more sophisticated attack vectors.

January 4, 2019 | By Douglas Bonderud

news

Woman working on laptop in a coffee shop: lcg kit

news

LCG Kit Document Builder Now Using Microsoft Word Macros to Install Malware Payloads

A weaponized document builder service known as LCG Kit added the ability to use Microsoft Word macros to load the necessary shellcode for installing malware.

December 20, 2018 | By David Bisson

news

Phishers Use Fake Office 365 Alerts to Compromise Admin Accounts

MegaCortex Ransomware Uses Aggressive Ransom Notes to Coerce Payments

Fake FaceApp Infects Users With MobiDash Malware

Weekly Security News Roundup: Vulnerability Exposed Instagram Attacks to Hijacking

Voices of Security

2019 Cost of a Data Breach Report

X-Force Red in Action

A Secure Start

CISO of Major UK Retailer Weighs in on Enterprise IoT Security

IoMT Security: A Comprehensive Approach to Mitigate Risk and Secure Connected Devices

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

What’s New in the 2019 Cost of a Data Breach Report

The Dark Web Market Is Moving Toward IaaS and MaaS — Here’s Why

I Can’t Believe Mirais: Tracking the Infamous IoT Malware

Threat Intelligence Is the SOC’s Road Map to DNS Security

Podcast: What Factors Contribute to the Cost of a Data Breach?

Podcast: IT’s Eyes and Ears — The Evolving Security Operations Center (SOC)

Podcast: Reducing Third-Party Risk

Podcast: Development Agility and Open-Source Vulnerability Prioritization

Webinar: Fortify your clients with the IBM Resilient SOAR Platform

Webinar: Protecting Office365 with IBM Cloud Identity and MaaS360

Webinar: Wandera & IBM Introduce the Next Level of Access Management

Webinar: How to Outmatch Data Security Challenges with Cost-Effective, Practical Strategies

Tag: Malware Analysis

Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT)

Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)?

Taking Over the Overlay: Reverse Engineering a Brazilian Remote Access Trojan (RAT)

Web Servers Used to Host 10 Malware Families Distributed via Phishing Emails

IcedID Banking Trojan Spruces Up Injection Tactics to Add Stealth

The Business of Organized Cybercrime: Rising Intergang Collaboration in 2018

Threat Actor Targets Japanese Users With New Ursnif Variant

IcedID Operators Using ATSEngine Injection Panel to Hit E-Commerce Sites

Ursnif, Emotet, Dridex and BitPaymer Malware Families Team Up to Wreak Havoc

LCG Kit Document Builder Now Using Microsoft Word Macros to Install Malware Payloads