Threat analysis

New evasion techniques found in web skimmers - As Magecart credit card skimmers become exposed by security researchers, their authors are refining evasion techniques to go undetected.
Spelevo exploit kit debuts new social engineering trick - In order to maximize infection rate, threat actors are now launching the Spelevo exploit kit with a decoy adult site, social engineering users into downloading a malicious video player.
Hundreds of counterfeit online shoe stores injected with credit card skimmer - A Magecart credit card skimmer was found injected into hundreds of counterfeit, brand-name shoe stores—a one-two punch of victimization for users first duped with fake goods then stripped of their personal data.
New version of IcedID Trojan uses steganographic payloads - We take a deep dive into the IcedID Trojan, describing the new payloads of this advanced malware.
The forgotten domain: Exploring a link between Magecart Group 5 and the Carbanak APT - Bread crumbs left behind open up a possible connection between Magecart Group 5 and Carbanak.
Magecart Group 4: A link with Cobalt Group? - Malwarebytes threat intel partnered with security firm HYAS to connect the dots between Magecart Group 4 and the advanced threat group Cobalt.
Magecart criminals caught stealing with their poker face on - This blog post details the curious case of a web skimmer encountered in a poker application.
The Hidden Bee infection chain, part 1: the stegano pack - The Hidden Bee cryptominer has a complex and multi-layered internal structure that is unusual among cybercrime toolkits. That's why we're dedicating a series of posts to exploring its elements and updates made during one year of its evolution.
Say hello to Lord Exploit Kit - In this blog, we take a look at a new exploit kit distributed via malvertising that calls itself Lord EK.
