trend micro research : malware – Page 8 – Computer Security Articles

Malvertising Used as Entry Vector for BlackCat, Actors Also Leverage SpyBoy Terminator

June 30, 2023 admin trend micro research : articles, news, reports, trend micro research : endpoints, trend micro research : malware, trend micro research : research, trend micro research : web

Credit to Author: Lucas Silva| Date: Fri, 30 Jun 2023 00:00:00 +0000

We found that malicious actors used malvertising to distribute malware via cloned webpages of legitimate organizations. The distribution involved a webpage of the well-known application WinSCP, an open-source Windows application for file transfer. We were able to identify that this activity led to a BlackCat (aka ALPHV) infection, and actors also used SpyBoy, a terminator that tampers with protection provided by agents.

Security TrendMicro

SeroXen Mechanisms: Exploring Distribution, Risks, and Impact

June 20, 2023 admin trend micro research : apt & targeted attacks, trend micro research : articles, news, reports, trend micro research : cyber crime, trend micro research : cyber threats, trend micro research : endpoints, trend micro research : malware, trend micro research : network, trend micro research : phishing, trend micro research : privacy & risks

Credit to Author: Peter Girnus| Date: Tue, 20 Jun 2023 00:00:00 +0000

This is the third installment of a three-part technical analysis of the fully undetectable (FUD) obfuscation engine BatCloak and SeroXen malware. In this entry, we document the techniques used to spread and abuse SeroXen, as well as the security risks, impact, implications of, and insights into highly evasive FUD batch obfuscators.

Security TrendMicro

SeroXen Incorporates Latest BatCloak Engine Iteration

June 15, 2023 admin trend micro research : apt & targeted attacks, trend micro research : articles, news, reports, trend micro research : cyber threats, trend micro research : endpoints, trend micro research : iot, trend micro research : malware, trend micro research : phishing, trend micro research : privacy & risks, trend micro research : spam

Credit to Author: Peter Girnus| Date: Thu, 15 Jun 2023 00:00:00 +0000

We looked into the documented behavior of SeroXen malware and noted the inclusion of the latest iteration of the batch obfuscation engine BatCloak to generate a fully undetectable (FUD) .bat loader. This is the second part of a three-part series documenting the abuse of BatCloak’s evasion capabilities and interoperability with other malware.

Security TrendMicro

Analyzing the FUD Malware Obfuscation Engine BatCloak

June 9, 2023 admin trend micro research : articles, news, reports, trend micro research : cyber crime, trend micro research : cyber threats, trend micro research : endpoints, trend micro research : exploits & vulnerabilities, trend micro research : malware, trend micro research : phishing, trend micro research : privacy & risks

Credit to Author: Peter Girnus| Date: Fri, 09 Jun 2023 00:00:00 +0000

We look into BatCloak engine, its modular integration into modern malware, proliferation mechanisms, and interoperability implications as malicious actors take advantage of its fully undetectable (FUD) capabilities.

Security TrendMicro

Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals

May 30, 2023 admin trend micro research : cyber threats, trend micro research : latest news, trend micro research : malware, trend micro research : research

Credit to Author: Feike Hacquebord| Date: Tue, 30 May 2023 00:00:00 +0000

Void Rabisu, a malicious actor believed to be associated with the RomCom backdoor, was thought to be driven by financial gain because of its ransomware attacks. But in this blog entry, we discuss how the use of the RomCom backdoor in recent attacks shows how Void Rabisu’s motives seem to have changed since at least October 2022.

Security TrendMicro

New Info Stealer Bandit Stealer Targets Browsers, Wallets

May 26, 2023 admin trend micro research : articles, news, reports, trend micro research : cyber threats, trend micro research : endpoints, trend micro research : malware

Credit to Author: Sarah Pearl Camiling| Date: Fri, 26 May 2023 00:00:00 +0000

This is an analysis of Bandit Stealer, a new Go-based information-stealing malware capable of evading detection as it targets multiple browsers and cryptocurrency wallets.

Security TrendMicro

Info Stealer Abusing Codespaces Puts Discord Users at Risk

May 23, 2023 admin trend micro research : malware, trend micro research : research

Credit to Author: Nitesh Surana| Date: Tue, 23 May 2023 00:00:00 +0000

In this entry, we detail our research findings on how an info stealer is able to achieve persistence on a victim’s machine by modifying the victim’s Discord client.

Security TrendMicro

Rust-Based Info Stealers Abuse GitHub Codespaces

May 19, 2023 admin trend micro research : articles, news, reports, trend micro research : cloud, trend micro research : cyber crime, trend micro research : cyber threats, trend micro research : malware, trend micro research : privacy & risks

Credit to Author: Nitesh Surana| Date: Fri, 19 May 2023 00:00:00 +0000

This is the first part of our security analysis of an information stealer targeting GitHub Codespaces (CS) that discusses how attackers can abuse these cloud services for a variety of malicious activities.