Today > | 1 Medium vulnerabilities - You can now download lists of IOCs here!
7 attack reports | 0 vulnerabilities
This article provides an in-depth analysis of RedLine Stealer, a notorious information-stealing malware. The research focuses on previously undocumented backend modules and the control panel used by affiliates. Key findings include the identification of over 1,000 unique IP addresses hosting RedLin…
A significant increase in data-stealing malware infections has been observed, with nearly 10 million devices compromised in 2023, marking a 643% rise over three years. Cybercriminals are using sophisticated distribution methods, including malvertising and YouTube comment spam. On average, 50.9 logi…
A sophisticated spear-phishing attack led to a more_eggs backdoor infection at a company. The attack began with an email to a senior executive, followed by a recruitment officer downloading a fake resume. The malicious file, disguised as a resume, contained obfuscated commands that executed when op…
This comprehensive report analyzes Gomorrah Stealer, a sophisticated malware designed to exfiltrate sensitive information from compromised systems. It operates within a malware-as-a-service framework and targets data from web browsers, cryptocurrency wallets, VPNs, and configuration files. The stea…
This report explores how the Dolphin Loader, a malware-as-a-service loader, abuses the legitimate ITarian Remote Monitoring and Management (RMM) software to distribute various malware payloads. The loader leverages the built-in functionality of RMM tools, such as remote command execution and system…
At Cyfirma, this report offers a comprehensive analysis of Mint Stealer, an information-stealing malware operating within a malware-as-a-service (MaaS) framework. Mint Stealer targets sensitive data and uses sophisticated techniques to evade detection. This in-depth study explores Mint Stealer's ev…
IBM's X-Force has been tracking large-scale phishing campaigns distributing the Grandoreiro banking trojan, likely operated as a Malware-as-a-Service. The malware targets over 1500 global banks, enabling banking fraud in over 60 countries. The latest variant features major updates, including string…