4 matches found
PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyberattacks
A financially motivated threat actor has been linked to an ongoing phishing email campaign that has been ongoing since at least July 2024 specifically targeting users in Poland and Germany. The attacks have led to the deployment of various payloads, such as Agent Tesla, Snake Keylogger, and a...
GuLoader returns with a rotten shipment
GuLoader, a perennial favourite of email-based malware campaigns since 2019, has been seen in the wild once again. GuLoader is a downloader with a chequered history, dating back to somewhere around 2011 in various forms. Two years ago it was one of our most seen malspam attachments. Most popular...
ScarCruft continues to evolve, introduces Bluetooth harvester
Executive summary After publishing our initial series of blogposts back in 2016, we have continued to track the ScarCruft threat actor. ScarCruft is a Korean-speaking and allegedly state-sponsored threat actor that usually targets organizations and companies with links to the Korean peninsula. Th...
Researchers Discovery Data-Stealing Malware That Likes to Nap
Researchers at FireEye’s Malware Intelligence Lab say they’ve found malware that attempts to evade detection with extended sleep calls and uses “the fast flux technique” to hide the attacker’s identity. They are calling the malicious downloader “Trojan Nap” and notes it uses a technique akin to t...