Gootloader inside out
Credit to Author: Gabor Szappanos| Date: Thu, 16 Jan 2025 17:00:02 +0000
Open-source intelligence reveals the server-side code of this pernicious SEO-driven malware – without needing a lawyer afterward

Categories: Threat Intelligence
Tags: magecart, skimmer, obfuscation, hunter, credit card, magento
The threat actor behind this operation is using an open-source JavaScript obfuscator to hide its code.
The post A look at a Magecart skimmer using the Hunter obfuscator appeared first on Malwarebytes Labs.

Credit to Author: Angela Gunn| Date: Wed, 04 May 2022 14:01:08 +0000
Sweeping aside one obfuscation technique in a notorious strain of malware

Credit to Author: hasherezade| Date: Thu, 15 Aug 2019 15:26:55 +0000
The Hidden Bee cryptominer has a complex and multi-layered internal structure that is unusual among cybercrime toolkits. That’s why we’re dedicating a series of posts to exploring its elements and updates made during one year of its evolution.
Tags: cryptominers, custom code, exploit kits, exploits, hidden bee, infection chain, infection vector, malware modules, miner, miners, obfuscation, payloads, Underminer, Underminer EK
The post The Hidden Bee infection chain, part 1: the stegano pack appeared first on Malwarebytes Labs.

Credit to Author: Aniruddha Dolas| Date: Wed, 25 Jul 2018 13:40:33 +0000
The Emotet malware campaign has existed for a long time. It returns at frequent intervals with different techniques and variants to deliver malware to a victim. Attackers are smart and use complex techniques to avoid detection. At the start of 2017, we had seen the Emotet campaign spreading through…

Credit to Author: Aniruddha Dolas| Date: Wed, 06 Dec 2017 09:27:30 +0000
For the past few years, we have been seeing macro-based attacks through Object Linking and Embedding (OLE)/Microsoft Office files. Presently, however, attackers are using a different technique to spread malware through Office files: a new attack vector called ‘Dynamic Data Exchange (DDE)’. DDE is an authorized Microsoft Office feature that provides several methods for transferring data between applications. Once the communication protocol is established, it doesn’t require user interactions…

Credit to Author: msft-mmpc| Date: Thu, 20 Apr 2017 13:02:00 +0000
In recent weeks, we have seen a surge in emails carrying fresh malicious Java (.jar) malware that uses new techniques to evade antivirus protection. But with our research team’s automated expert systems and machine learning models, Windows 10 PCs get real-time protection against these latest threats. Attackers are constantly changing their methods and tools. We…