Malware
Malicious Tool BPFDoor Evades Detection for Years
Security researchers recently made a worrying discovery. A malicious tool associated with Chinese threat actors turned out to be deployed on "thousands" of systems running Linux. The shocking part of that... Read more
NetDooka RAT
Security researchers recently discovered a new, multi-component malware that has been nicknamed NetDooka, after one of its components. NetDooka is described as a malicious "framework" due to its multiple moving parts... Read more
DEPLOYLOG Malware
DEPLOYLOG is the name of a malicious tool associated with the Winnti advanced persistent threat actor. The Winnti group is also known by the name APT41 and is believed to be a Chinese state-sponsored threat actor,... Read more
Energy.exe Cryptominer
Energy.exe is the name of a piece of malware that is categorized as a cryptominer. This type of malware abuses the victim system's resources while staying in the background as quietly as possible. The victim system's... Read more
Prynt Stealer Malware Sold on Hacking Forums
The Prynt Stealer Malware is being sold as a 'software product' on its official website, as well as via Telegram groups and hacking forums. The creators of this malware claim to be selling an unlimited number of... Read more
What is Kratos Silent Miner?
Kratos Silent Miner is a piece of malware offered on hacking forums, for the low fee of $100/month. This means that any cybercriminal can start using it, as long as they have some funds to pay the subscription fee.... Read more
Nerbian RAT Targets Victims in Europe
A new strain of malware has recently been documented by security researchers. The threat was called Nerbian and exhibits features typical of a remote access trojan, hence the full name Nerbian RAT. Perhaps a little late... Read more
Stealerium Infostealer
Stealerium is the name of an infostealer malware. The malicious application is written and compiled using C#. When it deploys on a victim system, Stealerium starts recording logs and exfiltrating information from the... Read more
WINNKIT Rootkit
WINNKIT is the name of one of the components used in a complex, multi-stage attack pattern employed by the Winnti advanced persistent threat actor. The Winnti group is also sometimes referred to as APT41.... Read more
Bumblebee Malware Adopted by the Conti Ransomware Gang
The Bumblebee Malware is a malicious implant, which is being used by cybercriminals to pave the way for additional payloads such as the Cobalt Strike beacon, Sliver, and Meterpreter. In some cases, the Bumblebee... Read more
Remove 000 Stealer Malware
Cybercriminals appear to be releasing information stealers on a regular basis now. Of course, many of them are not planning to use the tools themselves – instead, they are renting them out, or straight up selling them... Read more
North Korean Hackers Target Cryptocurrency Traders with TraderTraitor Malware
North Korean cybercriminals often engage in financially motivated attacks, which enable them to siphon funds into their country and use them to further the development of various controversial programs, such as the... Read more
Saintstealer Malware
Security researchers recently detailed a new malicious payload. The malware in question is an infostealer with rich functionality that was codenamed Saintstealer. Saintstealer can scrape and exfiltrate both system... Read more
Raspberry Robin Malware
A newly detailed threat has been out in the wild since late 2021. The malware has wormlike capabilities and is called Raspberry Robin. Raspberry Robin is classified as wormable malware. A wormable threat has... Read more
Talisman Malware
Talisman is the name of a piece of malware discovered in mid-2022. The malware was spotted in the wild in a campaign targeting telecommunication operators located in South Asia. According to researchers, Talisman is a... Read more
North Korean Hackers Reveal the Goldbackdoor Malware
North Korea's hacking groups are among the most notorious cybercrime organizations in the world. The majority of their attacks are either financially or politically motivated. One of the latest payloads they use is... Read more
Gamaredon Hackers Unleash the Pteredo Backdoor, Target Ukrainian Networks
Multiple Russian Advanced Persistent Threat (APT) groups have been engaging in attacks against Ukrainian targets over the past few months. In addition to the hackers from the Fancy Bear group, it seems that another... Read more
Inno Stealer Spreads via Fake Windows 11 Updates
Inno Stealer is a piece of malware that is being distributed with the help of fake downloads. The malicious package is disguised as an upgrade kit for Windows 11. However, instead of an operating system upgrade, the... Read more