Grandoreiro: How engorged can an EXE get?
Another in our occasional series demystifying Latin American banking trojans
ESET researchers bring to light unique obfuscation techniques discovered in the course of analyzing a new cryptomining module distributed by the Stantinko group’s botnet
Can an old APT learn new tricks? Turla’s TTPs are largely unchanged, but the group recently added a Python backdoor.
The fourth installment of our occasional series demystifying Latin American banking trojans
ESET researchers uncover a new campaign of the Winnti Group targeting universities and using ShadowPad and Winnti malware
Hundreds of things could go wrong after a ransomware victim pays the money demanded by criminals. Digital forensics specialists from security firm Emsisoft reported the appearance of a bug in the Ryuk ransomware decryption tool (delivered by criminals to victims after they pay the ransom) that causes failures in the file recovery process. According to […]
A new report from digital forensics specialists claims that the hackers who make up the dangerous Lazarus group are trying to inject a new fileless Trojan into thousands of computers running Apple macOS; to complete the attack, the hackers would be using a fake cryptocurrency exchange app. The discovery was […]
Following its efforts to take legal action against those misusing its social media platform, Facebook has now filed a new lawsuit against a Hong Kong-based advertising company and two Chinese individuals for allegedly abusing its ad platform to distribute malware and commit ad fraud. Facebook filed the lawsuit on Thursday in the Northern District of California […]
Cybersecurity researchers have uncovered a new, previously undiscovered destructive data-wiping malware that is being used by state-sponsored hackers in the wild to target energy and industrial organizations in the Middle East. Dubbed ZeroCleare, the data wiper malware has been linked to not one but two Iranian state-sponsored hacking groups—APT34, also known as ITG13 and Oilrig, […]
There are currently multiple variants of malware for mobile devices, used for different purposes. Digital forensics experts mention that, in recent months, an infection campaign has been detected against devices running the Android operating system that uses malware to infiltrate the victims’ mobile banking app and extract their assets. In its report, the security […]
Researchers discovered a new wave of spyware apps, named Stalkerware, that has been emerging widely over the past few months and that spies on victims’ online activities and steals sensitive data from infected devices. Recently the FTC warned that MobileSpy, PhoneSheriff and TeenShield, developed and sold by Retina-X, shared sensitive information about your smartphone activities – such as call history, […]
A new malware campaign dubbed “RevengeHotels”, targeting hotels, hostels, hospitality, and tourism companies worldwide, aims to steal the credit card data of users and travelers from hotel management systems. The campaign uses email as the main attack vector to deliver malware via weaponized Word, Excel or PDF documents. In some cases, it exploits patched Remote Code […]
Ethical hacking specialists from security firm ESET report the emergence of a new banking Trojan tracked in multiple locations in Latin America. Identified as Mispadu, this malicious program uses fake McDonald’s ads and phishing emails to trick victims through websites and social media platforms, primarily Facebook. In addition to malicious advertising, it is also possible […]
A new malware strain dubbed Dexphot is attacking Windows computers to mine cryptocurrency, with monitoring services and scheduled tasks to rerun the infection if Windows Defender removes it. The malware uses fileless techniques: it gets malicious code executed directly in memory, and it also hijacks legitimate processes to hide the malicious activity. Microsoft closely tracked the […]
ESET researchers have discovered that the criminals behind the Stantinko botnet are distributing a cryptomining module to the computers they control
Malware authors continue to trick users by abusing legitimate services; one recent example of this is the new campaign of the Raccoon information-stealing malware. The Raccoon Stealer malware is written in C++ by Russian-speaking developers and was developed to compromise both 32-bit and 64-bit operating systems. It was sold on underground forums in both Russian and English […]
A new malicious downloader dubbed “DePriMon” registers itself as a fake Windows Default Print Monitor to achieve persistence and to execute commands as a SYSTEM user. The DePriMon malware has been active since at least March 2017; it was first detected in a private company based in Central Europe. It is well-written malware and the […]
Researchers uncovered a new form of sophisticated Android banking malware named “Ginp” that targets Android users via screen overlay attacks to steal banking credentials, SMS and credit/debit card details in order to empty victims’ bank accounts. The Ginp malware was initially spotted at the end of Oct 2019; since then the malware has been continuously under development, and 5 […]
According to web application security experts from Nyotron, there is a new method that allows threat actors to encrypt Windows files in a special way so that the attack cannot be detected. Ransomware attacks remain very common and keep evolving. A report based on figures from multiple security firms mentions that 28% of cybersecurity […]
ESET researchers have discovered a new downloader with a novel installation technique not previously seen in the wild
A new malspam email campaign has been discovered with a fake Windows updater and its builder, through which hackers are launching Cyborg Ransomware to encrypt the compromised system’s files. The spam email claims to be from Microsoft, and the email body urges victims to install the latest “Microsoft Windows Update” by opening the attached file. The fake update attachment appears with […]