Trojan

ZE Loader Enables Overlay Attacks through an RDP Connection

The ZE Loader is a malicious Windows application whose operators use it to execute so-called overlay attacks. This attack technique focuses on stealing financial data from victims by displaying fake phishing... Read more

September 24, 2021

FIN8 Hackers use Sardonic Backdoor to Target Financial Institutions

Threat actors have different motivations and goals. Some of them are working for the highest bidder, while others focus on espionage and data exfiltration. There are also those like FIN8, threat actors whose... Read more

August 26, 2021

IISerpent Trojan Targets IIS Servers, Manipulates Search Engine Optimization

Recently, cybersecurity experts have had to deal with a large number of malware families focusing on the Internet Information Services (IIS) component. The latest malware family to join the list is the IISerpent Trojan. This... Read more

August 12, 2021

VBA RAT Reaches Victims through pro-Crimea Manifesto

A new piece of malware has been used in the ongoing cyber battle between Russia and Ukraine over the Crimea conflict. The new threat, dubbed the VBA RAT, is being delivered through phishing emails, which contain a... Read more

August 4, 2021

BIOPASS RAT Spread Through Compromised Gambling Sites

An unknown threat actor is using a new Python-based payload to target users of Chinese gambling sites. The malware is being spread via fraudulent messages and pop-ups, which show up on legitimate gambling sites – this... Read more

July 13, 2021

What is the 'Wup.exe' Process?

One of the first things that tech-savvy users do when they experience performance issues is to check the Task Manager. This essential Windows tool reveals a lot about the way your computer's resources are being used.... Read more

June 28, 2021

Numando Banking Trojan Targets Latin America, Leverages Popular Services

Latin American threat actors have a long list of banking Trojans to their name. Major malware families like the Bizarro Banking Trojan have been bothering users in Latin America for the past few years. However, a... Read more

September 20, 2021

Horus Eyes RAT Used to Support the warsaw Banking Trojan

Cybercriminals often combine private projects with well-known, public malware families. The latest example of this is a banking Trojan with the name 'warsaw.' The creators of this malware are relying on a relatively... Read more

August 17, 2021

IISpy Backdoor Goes After Microsoft IIS Servers

The IISpy Backdoor is a dangerous Trojan that targets a particular Windows service – the Internet Information Services (IIS). The goal of the malware is reconnaissance and espionage. This is why it focuses on tasks... Read more

August 11, 2021

Coper Android Trojan Strikes Colombian Users

Coper is a newly identified threat that appears to have features typical of banking Trojans. It goes after Android mobile devices exclusively, and it is able to target a wide range of financial institutions. Its... Read more

July 23, 2021

ReverseRat, a Pakistani Trojan Targeting Indian Entities

The cyber warfare between India and Pakistan continues. This time, an unknown Pakistani threat actor has been using a new malware, called ReverseRat, to compromise the network security of India-based power companies.... Read more

July 6, 2021

PYSA Gang Employs the ChaChi Trojan to Deliver Ransomware

Ransomware gangs often rely on a wide range of malware families to gain complete control over infected systems, as well as to spread laterally across entire networks. One of the ransomware gangs to recently introduce... Read more

June 25, 2021

Remove Wirenet Backdoor

The Wirenet Backdoor is a dangerous Trojan that has cross-platform compatibility. This means that it is one of the few malicious implants that work not just on Windows. This one, in particular, has the ability to... Read more

August 27, 2021

JDWPMiner Trojan Targets the Java Debug Wire Protocol

Cybersecurity researchers report a new piece of malware that exploits weaknesses in the Java Debug Wire Protocol (JDWP) component. The latter is an important part of the debugging process when it comes to Java... Read more

August 13, 2021

Cinobi Banking Trojan Goes After Users in Japan

The Cinobi Banking Trojan made its first moves in 2020 when its operators went after users in Japan. Surprisingly, they severely limited the Trojan's reach by relying on a set of two exploits, which only worked on... Read more

August 10, 2021

MosaicLoader Spreads RATs and Infostealers

Malware researchers have identified a new strain of malware, which goes under the name MosaicLoader. The threat is able to distribute additional payloads to its victims, and it has been typically used in combination... Read more

July 21, 2021

RustyBuer, a Reworked Version of the Buer Trojan

The Buer downloader is a dangerous Trojan whose activity dates back to the end of 2020. Its creators use it to propagate different pieces of malware such as banking Trojans, ransomware, and information stealers.... Read more

July 1, 2021

Reworked JSSLoader Delivers the Carbanak Trojan

Refactoring code is a popular technique that software developers use to, in layman's terms, modify the internal structure of their program without changing its behavior at all. Malware developers also employ such... Read more

June 25, 2021