IBM X-Force researchers detected, reverse engineered, reconstructed and simulated a Delphi-based Brazilian remote access Trojan.
IBM X-Force researchers discovered, reverse engineered and reconstructed AVLay, a remote access Trojan that mixes DLL hijacking with a legitimate executable borrowed from various antivirus programs.
X-Force researchers discovered a new remote access Trojan variant that mixes Dynamic Link Library (DLL) hijacking with a legitimate executable borrowed from various antivirus programs.
Digital attackers used more than a dozen web servers to host 10 malware families and distributed those threats using phishing emails.
IBM X-Force analyzed modifications made to IcedID that help the banking Trojan act more stealthily on infected devices.
In 2018, IBM X-Force researchers observed, for the first time, organized cybercrime groups collaborating rather than competing over turf or even attacking each other.
Security researchers discovered an attack campaign targeting Japanese users with a new variant of Ursnif banking malware.
The X-Force research team investigated the IcedID Trojan's two-step injection attack that enables it to steal access credentials and payment card data from e-commerce customers in North America.
Researchers discovered a link between four malware families — Ursnif, Emotet, Dridex and BitPaymer — that suggests threat actors may be combining efforts to develop more sophisticated attack vectors.
A weaponized document builder service known as LCG Kit added the ability to use Microsoft Word macros to load the necessary shellcode for installing malware.