Pierluigi Paganini February 19, 2024
A Ukrainian Raccoon Infostealer operator is awaiting trial in the US

The Raccoon Infostealer operator, Mark Sokolovsky, was extradited to the US from the Netherlands to appear in a US court. In October 2020, the US Justice Department charged a Ukrainian national, Mark Sokolovsky (28), with computer fraud for allegedly infecting millions of computers with the Raccoon Infostealer. The man was held in the Netherlands, and he […]

Pierluigi Paganini May 16, 2022
Eternity Project: You can pay $260 for a stealer and $490 for a ransomware

Researchers from threat intelligence firm Cyble analyzed the Eternity Project Tor website which offers any kind of malicious code. Researchers at cybersecurity firm Cyble analyzed a Tor website named named ‘Eternity Project’ that offers for sale a broad range of malware, including stealers, miners, ransomware, and DDoS Bots. The experts discovered the marketplace during a […]

Pierluigi Paganini July 21, 2021
XLoader, a $49 spyware that could target both Windows and macOS devices

Check Point Research (CPR) experts have spotted a cheap malware, dubbed XLoader variant, which was upgraded to target both Windows and macOS PCs. XLoader is a very cheap malware strain that is based on the popular Formbook Windows malware.  FormBook is a data-stealing malware that is used in cyber espionage campaigns, like other spyware it is […]

Pierluigi Paganini July 27, 2020
Source code of Cerberus Android Trojan offered for sale for $100,000

The authors of the Android Cerberus banking trojan are auctioning the project for a price starting at $50,000, with $100K the deal could be immediately closed. The authors of the notorious Cerberus Android banking trojan are auctioning their project for a price starting at $50,000, but buyers could close the deal for $100,000. The overall […]

Pierluigi Paganini July 08, 2020
Malicious app in Google Play used to deliver Cerberus Banking Trojan

Experts found a tainted app in the Google Play store that was downloaded by more than 10,000 users and that was delivering the Cerberus banking Trojan. Researchers from AVAST have discovered a currency converter application in the Google Play store that was downloaded by more than 10,000 users and that was designed to deliver the […]

Pierluigi Paganini April 01, 2020
New Raccoon Stealer uses Google Cloud Services to evade detection

Researchers found a piece of Raccoon Stealer that abuse of Google Cloud Services and leverages multiple delivery techniques. Racoon malware (aka Legion, Mohazo, and Racealer) is an info-stealer that recently appeared in the threat landscape that is advertised in hacking forums. The malware is cheap compared to similar threats, it is able to steal sensitive data from about […]

Pierluigi Paganini August 13, 2019
Cerberus, a new banking Trojan available as malware-as-a-service in the underground

Security experts analyzed a new interesting Android banking Trojan, dubbed Cerberus, that is offered for rent by its author. A new malware-as-a-service dubbed Cerberus has emerged in the threat landscape, it is an Android RAT developed from scratch that doesn’t borrow the code from other malware. According to researchers at Threat Fabric who analyzed the threat, Cerberus […]

Pierluigi Paganini October 02, 2018
The ‘Gazorp’ Azorult Builder emerged from the Dark Web

Checkpoint experts discovered in the Dark Web an online builder, dubbed Gazorp, that allows crooks to create customized binaries for the Azorult malware. Security researchers from Checkpoint have discovered in the Dark Web an online builder, dubbed Gazorp, that allows crooks to easily create customized binaries for the Azorult info-stealing malware. The Gazorp builder allows generating for free the malicious code […]

Pierluigi Paganini June 22, 2018
Red Alert 2.0 Android Trojan available for rent in the underground at $500 per Month

According to researchers at Trustwave, the source code of the Red Alert 2.0 Android Trojan is now available for rent on cybercrime underground forums at $500 per month. The experts discovered the latest variant because received a malicious apk via mail and analyzed it. “It all started with a spam message, which curiously had an Android App attachment. […]

Pierluigi Paganini May 10, 2018
The source code of the TreasureHunter PoS Malware leaked online

  Security experts at Flashpoint confirmed the availability online for the source code of the TreasureHunter PoS malware since March. The researchers found evidence that the threat has been around since at least late 2014. TreasureHunt was first discovered by researchers at the SANS Institute who noticed the malware generating mutex names to evade detection. TreasureHunt enumerates the processes running on the […]