Malware

Release the Kraken: Fileless injection into Windows Error Reporting service - We discovered a new attack that injected its payload—dubbed
Malspam campaign caught using GuLoader after service relaunch - We discovered a spam campaign distributing GuLoader in the aftermath of the service's relaunch
Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature - A newly discovered APT spear-phishing attack implements several evasion techniques to drop Cobalt Strike toolkit.
New LNK attack tied to Higaisa APT discovered - We describe a new spearphishing campaign tied to the potential North Korean Higaisa APT group.
Shining a light on “Silent Night” Zloader/Zbot - The latest Malwarebytes Threat Intel report focuses on Silent Night, a new banking Trojan recently tracked as Zloader/Zbot.
New Mac variant of Lazarus Dacls RAT distributed via Trojanized 2FA app - The Lazarus group improves their toolset with a new RAT specifically designed for the Mac.
Threat spotlight: CrySIS, aka Dharma ransomware, causing a crisis for businesses - CrySIS, aka Dharma, is a ransomware family making waves over the last two months, often being used in targeted attacks through RDP access. What other tricks are up its sleeve?
“Funky malware format” found in Ocean Lotus sample - Recently, one of our researchers presented at the SAS conference on
Spotlight on Troldesh ransomware, aka ‘Shade’ - Troldesh is ransomware that relies heavily on user interaction. Nevertheless, a recent spike in detections shows it's been successful against businesses in the first few months of 2019.
