5 matches found
PikaBot Malware Unleashes Threat via Malvertising
Summary: PikaBot, a recently identified malware family, has become a prominent threat in malvertising campaigns, particularly through search engine ads. Associated with the TA577 threat actor and linked to ransomware distribution, PikaBot employs advanced tactics, such as decoy websites and...
YouTube Videos Distributing Aurora Stealer Malware via Highly Evasive Loader
Cybersecurity researchers have detailed the inner workings of a highly evasive loader named "in2al5d p3in4er" read: invalid printer that's used to deliver the Aurora information stealer malware. "The in2al5d p3in4er loader is compiled with Embarcadero RAD Studio and targets endpoint workstations...
Hackers Using Rogue Versions of KeePass and SolarWinds Software to Distribute RomCom RAT
The operators of RomCom RAT malware are continuing to evolve their campaigns by distributing rogue versions of software such as SolarWinds Network Performance Monitor, KeePass password manager, and PDF Reader Pro via fake copycat websites. Targets of the operation consist of victims in Ukraine an...
Recipe for success: tech support scammers zero in via paid search
Tech support scammers are known for engaging in a game of whack-a-mole with defenders. Case in point, last month there were reports that crooks had invaded Microsoft Azure Cloud Services to host fake warning pages, also known as browser lockers. In this blog, we take a look at one of the top...
RIG malvertising campaign uses cryptocurrency theme as decoy
For a couple of weeks, we have been observing a malvertising campaign that uses decoy websites to redirect users to the RIG exploit kit. Those sites, whose theme is about cryptocurrencies, were all registered recently and are swapped after a few days of use. The initial redirection starts off fro...