Malware
AHK RAT Loader Delivers a Plethora of RATs
AutoHotKey (AHK) scripts are meant to help users automate certain tasks with the use of pre-made scripts. These scripts come in the form of an '.ahk' file, and they are executed with the use of an interpreter called...
KilllSomeOne Malware Uses DLL Side-loading to Deliver Malicious Implants
Cybersecurity experts have identified a new piece of malware dubbed KilllSomeOne. It was employed in attacks against government-affiliated entities and organizations in Myanmar. Delving deep into the infrastructure...
Chinese APT May be Behind the Newly Discovered Moriya Rootkit
The Moriya Rootkit is a newly identified threat that might nonetheless have been operating for a long time before it was finally discovered. Rootkits like this one are designed to plant themselves deep into the operating...
How to Remove DOUBLEDROP
Advanced cybercrime groups rarely rely on a single malware family to carry out their attack – typically, they develop a set of hacking tools that would eventually support each other to ensure a swift, silent, and...
How to Remove the Zenar Miner
The Zenar Miner is a piece of commodity malware currently being sold on hacking forums. Despite its name, it is not exactly a miner that cybercriminals can use out-of-the-box – instead, it is meant to help them run a...
WeSteal Infostealer Sold Online by Inexperienced Malware Developers
Public and private hacking forums are the favorite spot of both novice and experienced cybercriminals. Newbies over there can often spend around $50-$100 to get their hands on a personalized piece of malware, which...
Campo Loader Delivers Additional Malware to Japanese Victims
Yet another cybercrime campaign is targeting users and organizations in Japan. Experts suspect that the malicious attacks have been taking place since October 2020, but they were only identified and analyzed around...
Snip3 Loader Empowers Large-scale RAT Attack Campaigns
Snip3 is a hacking tool that cybercriminals use to load additional payloads on the compromised computer, as well as to help conceal the malicious files from the security scanners and firewalls. The good news is that...
Panda Stealer Targets Cryptocurrency Wallets and Web Browsers
The potential profits that cryptocurrency investments can bring have attracted millions of investors from around the world, and, unfortunately, many of them are likely to become the targets of scammers and...
How to Remove DOUBLEBACK
DOUBLEBACK is a dangerous backdoor Trojan used and developed by an uncategorized threat actor tracked under the alias UNC2529. The criminals were involved in a large-scale cybercrime campaign that took place in...
Unknown Chinese APT Targets Russia with the PortDoor Malware
Advanced Persistent Threat (APT) actors continue with their attacks against high-profile targets. This time, the news headlines mention a new piece of malware identified as PortDoor. It is believed to be used and...
WeControl RAT is a Commodity Malware Linked to WeSteal Infostealer
The WeControl RAT is a Remote Access Trojan (RAT), which is being sold online via the official website of the developers, as well as through ads posted on various hacking forums. The good news is that WeControl RAT is...
Smilodon Webshell Powers a Magecart-like Skimming Campaign
The Magecart gang inspired hundreds of cybercriminals to employ Web-based skimmers in their malicious attacks. The good news is that these campaigns are not that widely spread – attackers who want to get involved need...
Remove Lohodf Ransomware
File-encryption Trojans are a type of computer threat, which can cause long-lasting damage to the system and, in particular, your files. Unfortunately, once ransomware has attacked your computer, removing it might not...
How to Remove DOUBLEDRAG
The DOUBLEDRAG Malware was first spotted in a large-scale attack campaign, which targeted multiple industries, spread around the entire world. While the majority of the attacks were concentrated in the United States,...
Pingback Malware Uses the ICMP Windows Service for Sneaky C2 Communication
Malware researchers have identified a peculiar new malware family that targets Windows systems. It uses a popular trick known as DLL hijacking to fool the Windows operating system into running a maliciously modified...
FakeChat Malware Steals Financial Data from Android Devices
The FakeChat Malware is a dangerous banking Trojan seeking to compromise Android mobile devices. The malware was initially spread throughout Spain, but recent attack campaigns have reached other European countries...
'web-browserify' Malware Mimics a Legitimate npm Package
Cybercriminals often exploit legitimate resources in an attempt to amplify their attacks or the reach of their operations. One recent campaign has seen the use of this exact strategy. This time, the criminals targeted...