malware

Pierluigi Paganini September 21, 2019
MMD-0063-2019 – Summarize report of three years MalwareMustDie research (Sept 2016-Sept 2019)

Hello, it’s unixfreaxjp here. It has been a while since I wrote our own blog, and it is good to be back. Thank you for your patience for all of this time. The background It was after September 2016 when we decided to move our blog and since then I had a lot of fun […]

Pierluigi Paganini September 20, 2019
Two selfie Android adware apps with 1.5M+ downloads removed from Play Store

Experts at Wandera’s threat research team discovered two adware apps on the Google Play Store that were downloaded 1.5M+ times. Researchers at Wandera discovered two adware selfie filter camera apps on the Google Play that were pushing ads and that can record audio. The bad news is that the two apps were downloaded 1.5M+ times. […]

Pierluigi Paganini September 20, 2019
U.S. taxpayers hit by a phishing campaign delivering the Amadey bot

Cofense researchers spotted a phishing campaign that is targeting taxpayers in the United States to infect them with the Amadey malware. Security experts at Cofense uncovered a phishing campaign that is targeting taxpayers in the United States attempting to infect them with a new piece of malware named Amadey. The Amadey bot is a quite […]

Pierluigi Paganini September 20, 2019
Commodity Malware Reborn: The AgentTesla “Total Oil” themed Campaign

Agent Tesla is a fully customizable password info-stealer offered as malware-as-a-service, many cyber criminals are choosing it as their preferred recognition tool.   Introduction Nowadays the Malware-As-A-Service is one of the criminal favorite ways to breach security perimeter. Agent Tesla is one of these “commodity malware”. It is a fully customizable password info-stealer and many cyber […]

Pierluigi Paganini September 19, 2019
Emotet is back, it spreads reusing stolen email content

Emotet is back, its operators leverage a recently introduced spear-phishing technique to deliver their malware, they are hijacking legitimate email conversations. In 2019, security experts haven’t detected any activity associated with Emotet since early April, when researchers at Trend Micro have uncovered a malware campaign distributing a new Emotet Trojan variant that compromises devices and […]

Pierluigi Paganini September 16, 2019
MobiHok RAT, a new Android malware based on old SpyNote RAT

A new Android malware has appeared in the threat landscape, tracked as MobiHok RAT, it borrows the code from the old SpyNote RAT. Experts from threat intelligence firm SenseCy spotted a new piece of Android RAT, dubbed MobiHok RAT, that used code from the old SpyNote RAT. At the beginning of July 2019, the experts […]

Pierluigi Paganini September 14, 2019
InnfiRAT Trojan steals funds from Bitcoin and Litecoin wallets

Researchers at Zscaler have spotted a new malware dubbed InnfiRAT that infects victims’ systems to steal cryptocurrency wallet data.  Researchers at Zscaler have discovered a new Trojan dubbed InnfiRAT that implements many standard Trojan capabilities along with the ability to steal cryptocurrency wallet data.  “As with just about every piece of malware, InnfiRAT is designed […]

Pierluigi Paganini September 13, 2019
The US Treasury placed sanctions on North Korea linked APT Groups

The US Treasury placed sanctions on three North Korea-linked hacking groups, the Lazarus Group, Bluenoroff, and Andarial. The US Treasury sanctions on three North Korea-linked hacking groups, the Lazarus Group, Bluenoroff, and Andarial. The groups are behind several hacking operations that resulted in the theft of hundreds of millions of dollars from financial institutions and cryptocurrency exchanges […]

Pierluigi Paganini September 13, 2019
WatchBog cryptomining botnet now uses Pastebin for C2

A new cryptocurrency-mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control (C&C) operations. Cisco Talos researchers discovered a new cryptocurrency-mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control. The WatchBog bot is a Linux-based malware that is active since last year, it targets […]

Pierluigi Paganini September 12, 2019
LokiBot info stealer involved in a targeted attack on a US Company

Security researchers at Fortinet uncovered a malspam campaign aimed distributing the LokiBot malware at a US manufacturing company. FortiGuard SE Team experts uncovered a malspam campaign aimed distributing the LokiBot malware at a US manufacturing company. The Lokibot malware has been active since 2015, it is an infostealer that was involved in many malspam campaigns aimed […]