Purple Fox Uses New Arrival Vector and Improves Malware Arsenal

Credit to Author: Sherif Magdy | Date: Fri, 25 Mar 2022 00:00:00 +0000

Purple Fox is an old threat that has been making waves since 2018. This most recent investigation covers Purple Fox’s new arrival vector and early access loaders. Users’ machines seem to be targeted with malicious payloads masquerading as legitimate application installers.


Cyclops Blink Sets Sights on Asus Routers

Credit to Author: Feike Hacquebord | Date: Thu, 17 Mar 2022 00:00:00 +0000

This report discusses the technical capabilities of a Cyclops Blink malware variant that targets ASUS routers. It also includes a list of more than 150 current and historical command-and-control (C&C) servers of the Cyclops Blink botnet.


New Nokoyawa Ransomware Possibly Related to Hive

Credit to Author: Don Ovid Ladores | Date: Wed, 09 Mar 2022 00:00:00 +0000

In March 2022, we came across evidence that another, relatively unknown, ransomware known as Nokoyawa is likely connected with Hive, as the two families share some striking similarities in their attack chain, from the tools used to the order in which they execute various steps.


Latest Mac Coinminer Utilizes Open-Source Binaries and the I2P Network

Credit to Author: Luis Magisa | Date: Mon, 21 Feb 2022 00:00:00 +0000

A Mac coinminer has been spotted using open-source components in its routine and the I2P Network to hide its traffic. We dive into old iterations of this malware, and also analyze the newest version.


SMS PVA Services’ Use of Infected Android Phones Reveals Flaws in SMS Verification

Credit to Author: Zhengyu Dong | Date: Tue, 15 Feb 2022 00:00:00 +0000

Certain SMS PVA services allow their customers to create disposable user profiles or register multiple accounts on many popular online platforms. These services can be abused by criminals to conduct fraud or other malicious activities.
