Threat analysis

Fake “Corona Antivirus” distributes BlackNET remote administration tool - Beware of fraudulent antivirus products taking advantage of the COVID-19 crisis.

Threat analysis

Fake “Corona Antivirus” distributes BlackNET remote administration tool

March 23, 2020 - Beware of fraudulent antivirus products taking advantage of the COVID-19 crisis.

Read more
APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT - We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data.

Threat analysis

APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT

March 16, 2020 - We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data.

Read more
Rocket Loader skimmer impersonates CloudFlare library in clever scheme - URLs can be deceiving, but the one used to mimic CloudFlare's Rocket Loader in the latest Magecart attack takes it to a whole new level.

Threat analysis

Rocket Loader skimmer impersonates CloudFlare library in clever scheme

March 10, 2020 - URLs can be deceiving, but the one used to mimic CloudFlare's Rocket Loader in the latest Magecart attack takes it to a whole new level.

Read more
Domen toolkit gets back to work with new malvertising campaign - We describe the latest malvertising campaign that uses Domen, an advanced social engineering toolkit.

Threat analysis

Domen toolkit gets back to work with new malvertising campaign

February 28, 2020 - We describe the latest malvertising campaign that uses Domen, an advanced social engineering toolkit.

Read more
Fraudsters cloak credit card skimmer with fake content delivery network, ngrok server - Criminals set up fraudulent infrastructure that looks like a typical content delivery network—except it isn't. Behind it hides a credit card skimmer injected into Magento online stores.

Threat analysis

Fraudsters cloak credit card skimmer with fake content delivery network, ngrok server

February 26, 2020 - Criminals set up fraudulent infrastructure that looks like a typical content delivery network—except it isn't. Behind it hides a credit card skimmer injected into Magento online stores.

Read more
WOOF locker: Unmasking the browser locker behind a stealthy tech support scam operation - We reveal the inner workings of WOOF locker, the most sophisticated browser locker campaign we've seen to date. Learn how this tech support scam evades researchers and ensnares users by hiding in plain sight.

Threat analysis

WOOF locker: Unmasking the browser locker behind a stealthy tech support scam operation

January 22, 2020 - We reveal the inner workings of WOOF locker, the most sophisticated browser locker campaign we've seen to date. Learn how this tech support scam evades researchers and ensnares users by hiding in plain sight.

Read more
New evasion techniques found in web skimmers - As Magecart credit card skimmers become exposed by security researchers, their authors are refining evasion techniques to go undetected.

Threat analysis

New evasion techniques found in web skimmers

December 30, 2019 - As Magecart credit card skimmers become exposed by security researchers, their authors are refining evasion techniques to go undetected.

Read more
Spelevo exploit kit debuts new social engineering trick - In order to maximize infection rate, threat actors are now launching the Spelevo exploit kit with a decoy adult site, social engineering users into downloading a malicious video player.

Threat analysis

Spelevo exploit kit debuts new social engineering trick

December 18, 2019 - In order to maximize infection rate, threat actors are now launching the Spelevo exploit kit with a decoy adult site, social engineering users into downloading a malicious video player.

Read more
Hundreds of counterfeit online shoe stores injected with credit card skimmer - A Magecart credit card skimmer was found injected into hundreds of counterfeit, brand-name shoe stores—a one-two punch of victimization for users first duped with fake goods then stripped of their personal data.

Threat analysis

Hundreds of counterfeit online shoe stores injected with credit card skimmer

December 10, 2019 - A Magecart credit card skimmer was found injected into hundreds of counterfeit, brand-name shoe stores—a one-two punch of victimization for users first duped with fake goods then stripped of their personal data.

Read more

Select your language