Tag: Osman Demir

New Zoom Phishing Abuses Constant Contact to Bypass SEGs

The challenging year of 2020 saw many businesses increase their reliance on the internet, shifting to work-from-home workforces. This trend produced a sharp spike in the use of video conferencing apps. Cybercriminals didn't miss the chance to exploit it for their own ends. Starting from spring 2020, they registered many fake domains to deliver malicious ads […]

Quasar RAT: Detecting Malicious Successors

Quasar remote administration tool (RAT) is a multi-functional and lightweight malware actively used by APT actors since 2014. Quasar's code is publicly available as an open-source project, which makes the Trojan extremely popular among adversaries due to its broad customization options. As a result, a variety of samples exist inside the Quasar malware family. Many […]

Oski Info Stealer Empties Crypto Wallets, Extracts Browser Data

Data theft malware continues to ride a wave of popularity among financially motivated hackers. This growing interest drives the development of new, sophisticated strains promoted on the underground market. Naturally, the cheapest offerings that are still functional grab attention first. This is where Oski stealer comes into the spotlight as highly dangerous and relatively low-priced malware. Oski Stealer […]

Warzone RAT Malware Used by Confucius APT in Targeted Attacks

Security researchers have spotted an ongoing Confucius APT campaign that leverages Warzone RAT malware to compromise its targets. The campaign is presumably aimed at the governmental sector of China and other South Asian countries. Warzone RAT Description Warzone remote access Trojan (RAT), a prolific successor of AveMaria stealer, first emerged in 2018 as a malware-as-a-service […]

New QRAT Variant Distributed via Trump-themed Spam Campaign

Cybercriminals constantly take advantage of the “hottest” media topics to lure victims and infect them with malware. This time hackers decided to profit from the increased attention to the last US presidential elections and launched a Donald Trump-themed spam campaign. The final goal of this operation is to distribute the latest QRAT Trojan malware variant, […]

DoppelPaymer Ransomware Detection

DoppelPaymer ransomware is gaining momentum as a leading threat to critical infrastructure assets. According to the FBI warning released in December 2020, DoppelPaymer has targeted multiple organizations in healthcare, educational, governmental and other sectors. The attack routine is highly sophisticated and aggressive, allowing its operators to extort six- and seven-digit ransoms from their victims. Notably, […]

CVE-2020-29583: Secret Backdoor Vulnerability in Zyxel Products

Threat actors are exploiting a recently discovered Zyxel secret backdoor in the wild. It's high time to patch, since adversaries are actively scanning for vulnerable installations to gain a foothold before updates are installed. CVE-2020-29583 Overview The bug exists because a number of Zyxel products include an undocumented root account with hardcoded credentials accessible in the […]

New Credential Stealer Banking Malware Attacks the US and Canada

The banking sector has always been an attractive target for cybercriminals. After Zeus and Gozi emerged in 2007, prominent banking Trojans regularly made the headlines by emptying customers' accounts. Recently, security researchers have spotted yet another member of the financial malware family. This time the campaign is aimed at the US and Canadian banking […]

IceRAT Malware Detection: Catch Me If You Can

IceRAT is a relatively new tool in the malicious arena, a unique strain in terms of its features and unprecedented evasion tactics. Remarkably, the threat has very low detection rates, acting as stealthy malware able to steal sensitive data and financial assets from targeted machines. What is IceRAT malware? Despite its name, […]

FONIX Ransomware as a Service Detection

Another Ransomware as a Service platform is preparing to play a high-stakes game with organizations. Researchers at Sentinel Labs discovered the first attacks using the FONIX platform about three months ago. The RaaS platform is still under active development, but its first customers are already trying out its capabilities. So far, FONIX is quite inconvenient […]
