Tag: #Malware #Ransomware #Cyberattack #Investigation

What is Crypto Malware and How to Defend Against Cryptojacking?

The popularity of cryptocurrencies not only attracts investors but also makes them a true honeypot for hackers. While crypto has seen better times in the market, cryptojacking is on the rise. With a variety of terms emerging, it is easy to get lost. So, let’s dive into the specifics of crypto malware, crypto ransomware, […]

BianLian Ransomware Detection: To Pay or Not to Pay?

Adversaries behind the cross-platform BianLian ransomware target businesses in Australia, North America, and the UK, attacking multiple industries, including media and entertainment, healthcare, education, and manufacturing. The ransomware strain first surfaced in December 2021 and, according to recent reports, is currently undergoing active development. The BianLian ransomware gang has already compromised at least 20 companies; however, […]

ModernLoader Bot Detection: Spreads via Bogus Amazon Gift Cards, Compromises Users in Eastern Europe

ModernLoader bot, aka Avatar bot, is a .NET remote access trojan with the capabilities to download and run files from the C&C server, harvest system information, and run arbitrary instructions. With the remote control provided by the malware, threat actors use the breached network for botnet propagation. The chain of evidence suggests that these attacks […]

Genshin Impact Ransomware Infection: Adversaries Abuse the Anti-Cheat Driver

Genshin Impact, a popular open-world action RPG, is leveraged to spread ransomware. Threat actors abuse mhyprot2.sys, a vulnerable anti-cheat driver, to terminate antivirus processes and services to drop ransomware. Using the legitimate driver as a rootkit, the adversaries seek to first drop the ransomware on the target machine with a view to subsequent spread of […]

SOC Prime Launches Integration With EchoTrail.io to Accelerate Threat Investigation

Instantly Explore the Executable Binary References Linked to Sigma Rules for More Insightful Contextual Information

SOC Prime has recently released an integration of its cyber threats search engine with the EchoTrail.io database. Now, SOC Prime users can streamline threat investigation with comprehensive information about executable binaries (filenames or hashes) launched on Windows, accessible right from our […]

Defending Against Ransomware Attacks in 2021

The cybersecurity community is facing a crisis caused by the escalating threat of high-profile ransomware attacks. Advancing the trend of 2020, ransomware continues to be the number one problem in 2021, with the increasing sophistication of intrusions and a constantly growing number of malicious affiliates. Big enterprises remain the primary target. Yet, the […]
