A look at a Magecart skimmer using the Hunter obfuscator

Categories: Threat Intelligence

Tags: magecart

Tags: skimmer

Tags: obfuscation

Tags: hunter

Tags: credit card

Tags: magento

The threat actor behind this operation is using an open-source JavaScript obfuscator to hide its code.

(Read more…)

The post A look at a Magecart skimmer using the Hunter obfuscator appeared first on Malwarebytes Labs.

Read more

The Hidden Bee infection chain, part 1: the stegano pack

Credit to Author: hasherezade| Date: Thu, 15 Aug 2019 15:26:55 +0000

The Hidden Bee cryptominer has a complex and multi-layered internal structure that is unusual among cybercrime toolkits. That’s why we’re dedicating a series of posts to exploring its elements and updates made during one year of its evolution.

Categories:

Tags:

(Read more…)

The post The Hidden Bee infection chain, part 1: the stegano pack appeared first on Malwarebytes Labs.

Read more

The evolution of a 4-year-old-threat Emotet: From an infamous Trojan to a complex threat distributer

Credit to Author: Aniruddha Dolas| Date: Wed, 25 Jul 2018 13:40:33 +0000

Emotet malware campaign has been existing for a long time. It comes frequently in intervals with different techniques and variants to deliver malware on a victim. Attackers are smart and they use complex techniques to avoid detection. At the start of 2017, we had seen the emotet campaign spreading through…

Read more

An emerging trend of DDE based Office malware – an analysis by Quick Heal Security Labs

Credit to Author: Aniruddha Dolas| Date: Wed, 06 Dec 2017 09:27:30 +0000

For the past few years, we have been seeing macro-based attacks through Object Linking Embedding (OLE)/Microsoft Office files. But, presently, attackers are using a different technique to spread malware through Office files – using a new attack vector called ‘Dynamic Data Exchange (DDE)’. DDE is an authorized Microsoft Office feature that provides several methods for transferring data between applications. Once the communication protocol is established, it doesn’t require user interactions…

Read more

Combating a spate of Java malware with machine learning in real-time

Credit to Author: msft-mmpc| Date: Thu, 20 Apr 2017 13:02:00 +0000

In recent weeks, we have seen a surge in emails carrying fresh malicious Java (.jar) malware that use new techniques to evade antivirus protection. But with our research team’s automated expert systems and machine learning models, Windows 10 PCs get real-time protection against these latest threats. Attackers are constantly changing their methods and tools. We…

Read more