July 3, 2019 Godlua Backdoor Capable of Performing DDoS Attacks 2 min read - Both versions of the Godlua backdoor, discovered in late April, are capable of performing distributed denial-of-service (DDoS) attacks, according to a new report.
Malware July 2, 2019 Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)? 8 min read - IBM X-Force researchers discovered, reverse engineered and reconstructed AVLay, a remote access Trojan that mixes DLL hijacking with a legitimate executable borrowed from various antivirus programs.
Malware July 1, 2019 Taking Over the Overlay: Reverse Engineering a Brazilian Remote Access Trojan (RAT) 6 min read - X-Force researchers discovered a new remote access Trojan variant that mixes Dynamic Link Library (DLL) hijacking with a legitimate executable borrowed from various antivirus programs.
June 17, 2019 Threat Actors Use Targeted Attack Tools to Distribute Cryptocurrency Miners, Ransomware 2 min read - Threat actors are using targeted attack tools to distribute typical malware, such as cryptocurrency miners and ransomware.
June 10, 2019 Malvertising Campaign Infects Users With Buran Ransomware Via the RIG Exploit Kit 2 min read - A malvertising campaign is redirecting users to the RIG exploit kit, which then attempts to infect them with a new ransomware called Buran.
June 3, 2019 New HiddenWasp Linux Malware Focused Solely on Achieving Targeted Remote Control < 1 min read - A new threat called HiddenWasp is different from other Linux malware in that it's focused solely on achieving targeted remote control of infected hosts.
Advanced Threats May 16, 2019 GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation 4 min read - In an operation crowned "unprecedented," Europol and the DOJ joined forces and successfully dismantled what was left of the GozNym cybercrime gang that attempted to steal well over $100 million.
May 14, 2019 Pirate Chick Poses as VPN Tool, Secretly Installs Malicious Payloads 2 min read - Malicious actors are bundling a Trojan called Pirate Chick, which looks like a virtual private network (VPN) software tool, into adware to install malware on infected machines.
May 8, 2019 Barium Group Using Backdoors in Trusted Software to Wage Supply Chain Attacks 2 min read - A threat group known as Barium is exploiting trusted software updates and apps to conduct a wave of supply chain attacks, which could affect more than 1 million users around the world.
May 7, 2019 Retefe Banking Trojan Returns With Smoke Loader as Its Intermediate Loader 2 min read - The Retefe banking Trojan has resumed its activity with a new series of attack campaigns that leverage Smoke Loader as an intermediate loader.