6 matches found
Examining Water Sigbin's Infection Routine Leading to an XMRig Cryptominer
We analyze the multi-stage loading technique used by Water Sigbin to deliver the PureCrypter loader and XMRIG crypto miner...
Ransomware Phishing Emails Sneak Through SEGs
Secure email gateway SEG protections aren’t necessarily enough to stop phishing emails from delivering ransomware to employees, especially if the cybercrooks are using legitimate cloud services to host malicious pages. Researchers are raising the alarm over a phishing email kicking off a...
Mekotio Banking Trojan Resurges with Tweaked Code, Stealthy Campaign
The Mekotio Latin American banking trojan is bouncing back after several of the gang that operates it were arrested in Spain. More than 100 attacks in recent weeks have featured a new infection routine, indicating that the group continues to actively retool. “The new campaign started right after...
Malicious Ads Target Cryptocurrency Users With Cinobi Banking Trojan
A new social engineering-based malvertising campaign targeting Japan has been found to deliver a malicious application that deploys a banking trojan on compromised Windows machines to steal credentials associated with cryptocurrency accounts. The application masquerades as an animated porn game, ...
Iron Tiger APT Updates Toolkit With Evolved SysUpdate Malware
This blog details how Iron Tiger threat actors have updated their toolkit with an updated SysUpdate malware variant that now uses five files in its infection routine instead of the usual three...
Zeus Sphinx Banking Trojan Arises Amid COVID-19
The Zeus Sphinx banking trojan is back after being off the scene for nearly three years. According to researchers Amir Gandler and Limor Kessem at IBM X-Force, Sphinx a.k.a. Zloader or Terdot began resurfacing in December. However, the researchers observed a significant increase in volume in Marc...