12 matches found
Hackers Using Self-Extracting Archives Exploit for Stealthy Backdoor Attacks
An unknown threat actor used a malicious self-extracting archive SFX file in an attempt to establish persistent backdoor access to a victim's environment, new findings from CrowdStrike show. SFX files are capable of extracting the data contained within them without the need for dedicated software...
Financial cyberthreats in 2022
Financial gain remains the key driver of cybercriminal activity. In the past year, weve seen multiple developments in this area – from new attack schemes targeting contactless payments to multiple ransomware groups continuing to emerge and haunt businesses. However, traditional financial threats ...
All You Need to Know About Emotet in 2022
For 6 months, the infamous Emotet botnet has shown almost no activity, and now it's distributing malicious spam. Let's dive into details and discuss all you need to know about the notorious malware to combat it. Why is everyone scared of Emotet? Emotet is by far one of the most dangerous trojans...
Emotet Botnet Distributing Self-Unlocking Password-Protected RAR Files to Drop Malware
The notorious Emotet botnet has been linked to a new wave of malspam campaigns that take advantage of password-protected archive files to drop CoinMiner and Quasar RAT on compromised systems. In an attack chain detected by Trustwave SpiderLabs researchers, an invoice-themed ZIP file lure was foun...
Emotet Botnet Started Distributing Quantum and BlackCat Ransomware
The Emotet malware is now being leveraged by ransomware-as-a-service RaaS groups, including Quantum and BlackCat, after Conti's official retirement from the threat landscape this year. Emotet started off as a banking trojan in 2014, but updates added to it over time have transformed the malware...
Emotet Botnet's Latest Resurgence Spreads to Over 100,000 Computers
The insidious Emotet botnet, which staged a return in November 2021 after a 10-month-long hiatus, is once again exhibiting signs of steady growth, amassing a swarm of over 100,000 infected hosts for perpetrating its malicious activities. "While Emotet has not yet attained the same scale it once...
Notorious Emotet Botnet Makes a Comeback with the Help of TrickBot Malware
The notorious Emotet malware is staging a comeback of sorts nearly 10 months after a coordinated law enforcement operation dismantled its command-and-control infrastructure in late January 2021. According to a new report from security researcher Luca Ebach, the infamous TrickBot malware is being...
Police seize DoubleVPN data, servers, and domain
A coordinated effort between global law enforcement agencies—led by the Dutch National Police—shut down a VPN service that was advertised on cybercrime forums. The VPN company promised users the ability to double- and triple-encrypt their web traffic to obscure their location and identity. The...
Police Have Disrupted the Emotet Botnet
A coordinated effort has captured the command-and-control servers of the Emotet botnet: Emotet establishes a backdoor onto Windows computer systems via automated phishing emails that distribute Word documents compromised with malware. Subjects of emails and documents in Emotet campaigns are...
Threat Source newsletter (Nov. 19, 2020)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. In case you hadn’t already realized, Snort somehow became a meme this week, so that was fun. As 2020 finally...or already...I can’t decide which comes to an end, we’re going to start doing a look back at the year that was in...
Revamped Qbot Trojan Packs New Punch: Hijacks Email Threads
Attacks attributed to the Qbot trojan, known as the “Swiss Army knife” of malware, are on the uptick with a reported 100,000 recent infections, according to researchers. Qbot, an ever-evolving information-stealing trojan that’s been around since 2008, has shifted tactics again and adopted a bevy ...
A week in security (August 26 – September 1)
Last week on Malwarebytes Labs, we analysed the Android xHelper trojan, we wondered why the Nextdoor app would send out letters on behalf of their customers, reported about a study that explores the clickjacking problem across top Alexa-ranked websites, wondered how to get the board to invest in...