Tag: Osman Demir

FONIX Ransomware as a Service Detection

Another Ransomware as a Service platform is preparing to play a high-stakes game with organizations. Researchers at Sentinel Labs discovered the first attacks using the FONIX platform about three months ago. Now, this RaaS platform is still under active development, but their first customers are already trying their capabilities. So far, FONIX is quite inconvenient […]

Read More
AZORult Trojan Used in Targeted Attacks

Last week, researchers at Zscaler ThreatLabZ released a report on a massive campaign targeting the supply chain and government sectors in the Middle East. Cybercriminals sent phishing emails pretended to be from Abu Dhabi National Oil Company (ADNOC) employees that infected targets with the AZORult Trojan.  Campaign Targeted at organizations in the Middle East The […]

Read More
Mount Locker Ransomware

Companies worldwide are reported to have failed victims of the recent ransomware attack by Mount Locker. The new ongoing ransomware attack targets corporate networks and demands millions of dollars ransom payment is Bitcoins, and the hackers utter threats to reveal the encrypted data publicly if the victims refuse to pay ransom. Mount Locker ransomware activity […]

Read More
In a Quest for Dridex Malware

To reach their evil goals, hackers are sending waves of malspam to targeted victims. Numerous strains of Dridex malware flatten out institutions and customers of the financial sector, and a new iteration of Dridex attack was noticed again after a period of inactivity earlier this month, Unit 42 reports. About Dridex Attacks First malspam attacks […]

Read More
Economic Espionage Campaign by TA413

The use of COVID19 related lures is already perceived as common practice among both financially motivated groups and state-sponsored cyber espionage units. Researchers released a report last week about another group that has been using COVID19 themed phishing emails for six months to deliver their new tool. Yes, we are talking about the Chinese APT […]

Read More
Snatch Ransomware Attack Detection

Ransomware continues to be one of the most serious threats to corporate networks, and Snatch ransomware is one of the most annoying “guests” that emerged relatively recently. The first infections were recorded about two years ago, but serious attacks on organizations began only in April 2019, and since then, the appetites and skills of the […]

Read More
New QakBot Techniques

The QBot banking Trojan that is also known as Qakbot or Pinkslipbot has been known to cybersecurity researchers since 2008, and it keeps tricking the business with emerging campaigns demonstrating its elaborated stealth capabilities. Another phishing campaign delivering the malicious document has attracted the researchers’ attention. The latest QakBot attack is notable for delivering a […]

Read More
Threat Hunting Rules: PurpleWave Infostealer

Another Infostealer with backdoor functions was discovered in late July. Malware authors advertise it on Russian cybercrime forums and sell various modifications of the utility at an affordable price. New Infostealer is written in C++ and was dubbed PurpleWave by its authors.  The malware can perform a number of malicious actions of a hacker’s choice […]

Read More
Detection Content: Mekotio Banking Trojan

Mekotio is one more Latin American banking trojan that is targeted at users mainly in Brazil, Mexico, Spain, Chile, Peru, and Portugal. This is persistent malware that is distributed via phishing emails and ensures persistence either by creating an LNK file in the startup folder or using a Run key. It is capable of stealing […]

Read More
Threat Hunting Rules: Water Nue Phishing Campaign

In today’s news, we want to warn you about the ongoing campaign by Water Nue targeting the business Office 365 accounts in the US and Canada. Notably, the fraudsters successfully reached a number of high-level managers in companies worldwide and harvested over 800 sets of credentials. Although their phishing toolset is limited, they do not […]

Read More