Threat analysis

Release the Kraken: Fileless injection into Windows Error Reporting service - We discovered a new attack that injected its payload—dubbed

Malware | Malwarebytes news | Threat analysis

Release the Kraken: Fileless injection into Windows Error Reporting service

October 6, 2020 - We discovered a new attack that injected its payload—dubbed "Kraken—into the Windows Error Reporting (WER) service as a defense evasion mechanism.

Read more
Inter skimming kit used in homoglyph attacks - Threat actors load credit card skimmers using a known phishing technique called homoglyph attacks.

Threat analysis

Inter skimming kit used in homoglyph attacks

August 6, 2020 - Threat actors load credit card skimmers using a known phishing technique called homoglyph attacks.

Read more
Malspam campaign caught using GuLoader after service relaunch - We discovered a spam campaign distributing GuLoader in the aftermath of the service's relaunch

Malware | Threat analysis

Malspam campaign caught using GuLoader after service relaunch

July 30, 2020 - We discovered a spam campaign distributing GuLoader in the aftermath of the service's relaunch

Read more
Chinese APT group targets India and Hong Kong using new variant of MgBot malware - We uncovered an active campaign in early July that we attribute to a new Chinese APT group attacking India and Hong Kong with MgBot malware.

Threat analysis

Chinese APT group targets India and Hong Kong using new variant of MgBot malware

July 21, 2020 - We uncovered an active campaign in early July that we attribute to a new Chinese APT group attacking India and Hong Kong with MgBot malware.

Read more
Credit card skimmer targets ASP.NET sites - This unusual web skimmer campaign goes after sites running Microsoft's IIS servers with an outdated version of the ASP.NET framework.

Threat analysis

Credit card skimmer targets ASP.NET sites

July 6, 2020 - This unusual web skimmer campaign goes after sites running Microsoft's IIS servers with an outdated version of the ASP.NET framework.

Read more
Web skimmer hides within EXIF metadata, exfiltrates credit cards via image files - This credit card skimmer hides in plain sight, quite literally, as it resides inside the metadata of image files.

Threat analysis

Web skimmer hides within EXIF metadata, exfiltrates credit cards via image files

June 25, 2020 - This credit card skimmer hides in plain sight, quite literally, as it resides inside the metadata of image files.

Read more
Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature - A newly discovered APT spear-phishing attack implements several evasion techniques to drop Cobalt Strike toolkit.

Malware | Threat analysis

Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature

June 17, 2020 - A newly discovered APT spear-phishing attack implements several evasion techniques to drop Cobalt Strike toolkit.

Read more
Honda and Enel impacted by cyber attack suspected to be ransomware - Car manufacturer Honda has been hit by a cyber attack, according to a report published by the BBC, and later confirmed by the company in a tweet. Another similar attack, also disclosed on Twitter, hit Edesur S.A., one of the companies belonging to Enel Argentina which operates in the business of energy distribution in the...

Ransomware | Threat analysis

Honda and Enel impacted by cyber attack suspected to be ransomware

June 9, 2020 - Car manufacturer Honda has been hit by a cyber attack, according to a report published by the BBC, and later confirmed by the company in a tweet. Another similar attack, also disclosed on Twitter, hit Edesur S.A., one of the companies belonging to Enel Argentina which operates in the business of energy distribution in the...

Read more
New LNK attack tied to Higaisa APT discovered - We describe a new spearphishing campaign tied to the potential North Korean Higaisa APT group.

Malware | Threat analysis

New LNK attack tied to Higaisa APT discovered

June 4, 2020 - We describe a new spearphishing campaign tied to the potential North Korean Higaisa APT group.

Read more

Select your language