Malware
YamaBot Malware Employed by Lazarus Group
YamaBot is the name of a piece of malware employed by the threat actor that goes by the name of Lazarus Group. YamaBot is also known by the name Kaos and is written and compiled in the Go programming language - an... Read more
DUCKTAIL Malware Targets High-Profile Facebook Accounts
DUCKTAIL is the name of a highly specialized piece of malware that targets Facebook Business accounts for the purpose of exploitation. DUCKTAIL is believed to be linked with a criminal outfit operating out of Vietnam.... Read more
OpenDocument Malware Attacks Hotel Chains
A recently detected malware attacking hotels in Latin America is keeping security researchers very busy, due to its furtiveness and sophistication. The malware, named OpenDocument, has very distinctive features, which... Read more
NoMercy Stealer Scrapes Sensitive Information
NoMercy is the name of a newly discovered piece of infostealing malware. The main distribution method for the new malware is phishing campaigns containing malicious attachments, with a supplementary distribution... Read more
Quantum Builder Malware
Security researchers with Cyble published a new report on the rise of malware using .lnk shortcut files to deliver their final payload. One highlight of the report was a .lnk file builder called Quantum. Quantum is... Read more
W97M.Downloader Malware
W97M.Downloader is the designation given to a piece of malicious software that was actively distributed in a campaign spreading banking malware that was most active in early 2016. The malware in question comprised a... Read more
Subzero Malware Employed by Private-Sector Threat Actor
Security researchers with Microsoft's Threat Intelligence Center released a report on a piece of malware developed by a private-sector threat actor. The malware in question is called Subzero and the entity using it is... Read more
Nitro Stealer Malware Snags Various Info from Victims
Nitro Stealer is the name of a newly discovered piece of malware, classified, as the name plainly shows, as an infostealer. This type of malware is designed to quietly infiltrate the victim system, keep a low profile... Read more
CloudMensis Spyware Could Spy On Your Mac OS Computer
CloudMensis Spyware is a spyware app that may affect vulnerable Mac computers. The notion of Mac computers not being susceptible to malware threats and spyware is an old misconception. Now, Macs are just as vulnerable to... Read more
What is "Your File Is Ready To Download" Malware?
The name "Your File Is Ready To Download" is a description given to a roster of threats that share the same vehicle. The malicious payloads distributed through this method are stored inside a disk image file, usually... Read more
IceXLoader Malware
IceXLoader is the name of a new piece of malware spotted in the wild in recent weeks. As the name suggests, IceXLoader is used as a loader - an intermediary type of malware used to deliver and load other components in... Read more
Win32/Heri Detection
Win32/Heri is the name given by antivirus software to a heuristic detection. This means that the detection does not correspond to a specific known virus or malicious file found in the software's... Read more
Lofy Stealer Grabs Credit Card Data
Security researchers identified a new malicious campaign pushing an infostealer malware dubbed Lofy. The campaign itself is called LofyLife and was first reported by a team with Securelist. According to that team, the... Read more
SppExtComObjHook.dll - What Does it Mean When Detected?
If your antivirus product of choice, whether it's just Microsoft Defender installed with your copy of Windows, or a third-party tool, blips up with a new detection and you see the name "SppExtComObjHook.dll", chances... Read more
Paradies Clipper Sold on the Dark Web
Paradies clipper is the name of a newly discovered malicious application. As the name suggests, Paradies acts as a clipper. A clipper is the shorthand name for malware that can monitor the system clipboard for... Read more
Beware! HUI Loader Linked with Chinese Threat Actors
The HUI Loader malware has been around for several years. However, security researchers have only recently linked the malicious tool to a couple of Chinese threat actors who are believed to be backed by the state. The... Read more
Samurai Backdoor Used by New Threat Actor
A relatively new threat actor has pulled off multiple attacks against big targets in both Europe and Asia. The hacker group has been dubbed "ToddyCat" and one of the tools used by the outfit is the Samurai backdoor.... Read more
StealBit Malware
StealBit is the name of a piece of infostealing and data exfiltration malware that is a companion tool to the infamous LockBit ransomware. StealBit, as the name implies, is used to exfiltrate and steal sensitive... Read more