NetWalker Ransomware: No Respite, No English Required
NetWalker is following a now-familiar pattern: increased ransom demands, threats to leak victim data and relentless attacks during the COVID-19 pandemic.
Read More
Deep Dive Into TrickBot Executor Module “mexec”: Reversing the Dropper Variant
Continuing our earlier analysis of the TrickBot Executor Module “mexec”, we take a look at the dropper variant and reveal how it carries its payload onboard.
Read More
Meet NEMTY Successor, Nefilim/Nephilim Ransomware
Ransomware families NEMTY, Nefilim and Nephilim continue to evolve and merge, taking on aspects of other successful variants that aim to encrypt and extort.
Read More
IcedID Botnet | The Iceman Goes Phishing for US Tax Returns
In light of the extended US tax deadline due to coronavirus, tax fraud remains a viable avenue for the criminal group behind the ICEDID banking malware.
Read More
Maze Ransomware Update: Extorting and Exposing Victims
Maze ransomware doesn’t just demand payment for a decryptor but exfiltrates victim data and threatens to leak it publicly if the target doesn’t pay up.
Read More
Deep Dive Into TrickBot Executor Module “mexec”: Hidden “Anchor” Bot Nexus Operations
New “mexec” module delivers tertiary malware and allows TrickBot to pivot within a network, deploy a variety of payloads and evade common detection methods.
Read More
Revealing the Trick | A Deep Dive into TrickLoader Obfuscation
TrickBot’s loader has received much less attention than other components of the malware. Jason Reaves shows how to reverse engineer the TrickLoader function.
Read More
New Snake Ransomware Adds Itself to the Increasing Collection of Golang Crimeware
The ransomware crime spree continues with threat actors increasingly turning to Golang as their language of choice. New entrant Snake is just the latest.
Read More
Top-Tier Russian Organized Cybercrime Group Unveils Fileless Stealthy “PowerTrick” Backdoor for High-Value Targets
SentinelLabs developed mock command-and-control panels to allow the institutions to utilize them for testing detections related to “PowerTrick”
Read More
How TrickBot Malware Hooking Engine Targets Windows 10 Browsers
Vitali Kremez revealing how TrickBot’s hooking engine targets Chrome, Firefox, Explorer and Edge in Windows 10
Read More