Lampion Trojan Archives - Security Affairs

Pierluigi Paganini March 13, 2022

The hidden C2: Lampion trojan release 212 is on the rise and using a C2 server for two years

The hidden C2: Lampion trojan release 212 is on the rise and using a C2 server for two years. Lampion trojan is one of the most active banking trojans impacting Portuguese Internet end users since 2019. This piece of malware is known for the usage of the Portuguese Government Finance & Tax (Autoridade Tributária e Aduaneira) email […]

Pierluigi Paganini February 12, 2021

Lampion trojan disseminated in Portugal using COVID-19 template

The fresh release of the Latin American Lampion trojan was updated with a new C2 address. Lampion trojan disseminated in Portugal using COVID-19 template. In the last few days, a new release of the Latin American Lampion trojan was released in Portugal using a template related to COVID-19. This trojan has been distributed in Portugal […]

Pierluigi Paganini July 07, 2020

New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader

Expert spotted a new release of the Lampion trojan banker that was launched with fresh improvements in the way the malware loader operated. A new release of the Lampion trojan banker was launched with fresh improvements in the way the malware loader – the initial VBS file – is operating. The recent wave has been […]

Pierluigi Paganini May 12, 2020

Trojan Lampion is back after 3 months

Trojan Lampion is back after 3 months. The malware was observed last days with a new obfuscation layer, new C2, and distributed inside an MSI file. Trojan Lampion is a malware observed at the end of the year 2019 impacting Portuguese users using template emails from the Portuguese Government Finance & Tax and EDP. The latest campaigns in Portugal were observed […]

Lampion Trojan

The hidden C2: Lampion trojan release 212 is on the rise and using a C2 server for two years

Lampion trojan disseminated in Portugal using COVID-19 template

New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader

Trojan Lampion is back after 3 months

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

OneClik APT campaign targets energy sector with stealthy backdoors

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Cisco fixed critical ISE flaws allowing Root-level remote code execution

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

QUICK LINKS

Lampion Trojan

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!