Malware
Abcbot Botnet Focuses on DDoS Attacks
Google's Go language is quickly being adopted by many malware developers, and it seems that botnet operators are also following the same pattern. In recent news, the BotenaGo Botnet goes after Internet-of-Things... Read more
Wslink Malware Works in the Shadow to Deliver Other Payloads
Well-developed malware is usually the product of known threat actors whose activities are closely tracked by malware researchers. However, there are some projects whose code, behavior, and infrastructure cannot be... Read more
FontOnLink Linux Malware Has Been Active Since May
Linux malware is a fairly rare sight when talking about cybersecurity. However, there are multiple Advanced Persistent Threat (APT) actors specializing in the development of malware for Linux. One of the latest... Read more
TinyTurla Backdoor, a State-sponsored Turla APT Malware, Hits Germany & the U.S.
The Turla Advanced Persistent Threat (APT) group continues to be one of the most notorious, state-sponsored Russian hackers. They have been active in the hacking scene for nearly a decade, and they are constantly... Read more
Capoae Malware Targets Web Servers and WordPress
Cybercriminals are continuing to actively experiment with malware that uses the Golang programming language. This approach has multiple advantages, but there are two main ones that make it so attractive to... Read more
WaterDrop Malware, Based on the PRISM Backdoor, Infects Linux Systems
While Windows continues to be the number one operating system that cybercriminals target, Linux malware is becoming a more common occurrence. One of the notable pieces of malware meant to run on Linux is the Prism... Read more
Csrss.exe Malware Suspicions
Some users have been worried about the Csrss.exe process on their Windows systems, suspecting malware infection. This article will provide information on the original Csrss.exe process and how to tell whether it is... Read more
Pink Botnet, From 1.6 Million Bots to 100,000 Infected Devices
The Pink Botnet is a dangerous project, which was first identified in 2020. However, it has rapidly grown in size over the past couple of months. In fact, for a short amount of time the Pink Botnet was one of the... Read more
Debug.exe Crypto Miner
Debug.exe is the file name of what could potentially be a malicious cryptocurrency miner. Obviously, debug.exe may also be the name of a legitimate application, but if you find it always running on your system,... Read more
BluStealer Malware Targets Cookies, Passwords, and Cryptocurrency Wallets
The BluStealer Malware is an information stealer whose activity increased rapidly in mid-September, infecting over 6,000 users in a single day. The criminals behind this project are propagating it through the use of... Read more
PRIVATELOG Malware Hides in the Windows Common Log File System
High-profile threat actors often experiment with new mechanics and strategies to plant malware into places that antivirus tools will not check. The PRIVATELOG Malware is one of the latest samples to utilize an... Read more
HolesWarm Malware Goes After Windows and Linux, Mines Monero
The HolesWarm Malware infiltrates Windows and Linux systems in order to harvest their hardware resources for cryptocurrency mining. Such attacks are often difficult to spot because the cryptocurrency miners take extra... Read more
Remove DragSteal Malware
The DragSteal Malware is a malicious software package whose creators are renting it out to cybercriminals online. What is interesting about the DragSteal Malware is that it specializes in hijacking files related to... Read more
Wise XMRig Cryptominer Malware
Wise XMRig is the name of a malicious tool of the Trojan horse variety. The way Trojan horses work is by quietly infiltrating the victim's system and then allowing the Trojan author nearly unlimited access to the host... Read more
DoppelDridex Used by Financially-motivated Actors
DoppelDridex is a peculiar malware sample, which is being actively spread through several phishing campaigns. The criminals are using a modified version of the Dridex Malware to deploy additional payloads – such as... Read more
What is the 'Eicar Test File' and How to Remove it
The 'Eicar Test File' is a component that many users are not familiar with. You may first encounter it when your firewall or another security product alerts you of its presence. Of course, this does not sound good –... Read more
FIN7 Hackers Use the PILLOWMINT Malware to Scrape Card Data
The FIN7 hacking group is one of the most renowned financially motivated actors. They are the hackers responsible for the development and use of one of the most dangerous banking Trojans, Carbanak. Of course, the... Read more
Remove Roblox Virus
The Roblox Virus is a very generic term, which people often search for online when they encounter an issue with Roblox-related software. While Roblox itself is very safe, there are some 3rd-party tools, which might... Read more