Threat analysis

WOOF locker: Unmasking the browser locker behind a stealthy tech support scam operation - We reveal the inner workings of WOOF locker, the most sophisticated browser locker campaign we've seen to date. Learn how this tech support scam evades researchers and ensnares users by hiding in plain sight.

Threat analysis

WOOF locker: Unmasking the browser locker behind a stealthy tech support scam operation

January 22, 2020 - We reveal the inner workings of WOOF locker, the most sophisticated browser locker campaign we've seen to date. Learn how this tech support scam evades researchers and ensnares users by hiding in plain sight.

Read more
New evasion techniques found in web skimmers - As Magecart credit card skimmers become exposed by security researchers, their authors are refining evasion techniques to go undetected.

Threat analysis

New evasion techniques found in web skimmers

December 30, 2019 - As Magecart credit card skimmers become exposed by security researchers, their authors are refining evasion techniques to go undetected.

Read more
Spelevo exploit kit debuts new social engineering trick - In order to maximize infection rate, threat actors are now launching the Spelevo exploit kit with a decoy adult site, social engineering users into downloading a malicious video player.

Threat analysis

Spelevo exploit kit debuts new social engineering trick

December 18, 2019 - In order to maximize infection rate, threat actors are now launching the Spelevo exploit kit with a decoy adult site, social engineering users into downloading a malicious video player.

Read more
Hundreds of counterfeit online shoe stores injected with credit card skimmer - A Magecart credit card skimmer was found injected into hundreds of counterfeit, brand-name shoe stores—a one-two punch of victimization for users first duped with fake goods then stripped of their personal data.

Threat analysis

Hundreds of counterfeit online shoe stores injected with credit card skimmer

December 10, 2019 - A Magecart credit card skimmer was found injected into hundreds of counterfeit, brand-name shoe stores—a one-two punch of victimization for users first duped with fake goods then stripped of their personal data.

Read more
New version of IcedID Trojan uses steganographic payloads - We take a deep dive into the IcedID Trojan, describing the new payloads of this advanced malware.

Threat analysis

New version of IcedID Trojan uses steganographic payloads

December 3, 2019 - We take a deep dive into the IcedID Trojan, describing the new payloads of this advanced malware.

Read more
The forgotten domain: Exploring a link between Magecart Group 5 and the Carbanak APT - Bread crumbs left behind open up a possible connection between Magecart Group 5 and Carbanak.

Threat analysis

The forgotten domain: Exploring a link between Magecart Group 5 and the Carbanak APT

October 22, 2019 - Bread crumbs left behind open up a possible connection between Magecart Group 5 and Carbanak.

Read more
Magecart Group 4: A link with Cobalt Group? - Malwarebytes threat intel partnered with security firm HYAS to connect the dots between Magecart Group 4 and the advanced threat group Cobalt.

Threat analysis

Magecart Group 4: A link with Cobalt Group?

October 3, 2019 - Malwarebytes threat intel partnered with security firm HYAS to connect the dots between Magecart Group 4 and the advanced threat group Cobalt.

Read more
Magecart criminals caught stealing with their poker face on - This blog post details the curious case of a web skimmer encountered in a poker application.

Threat analysis

Magecart criminals caught stealing with their poker face on

August 20, 2019 - This blog post details the curious case of a web skimmer encountered in a poker application.

Read more
The Hidden Bee infection chain, part 1: the stegano pack - The Hidden Bee cryptominer has a complex and multi-layered internal structure that is unusual among cybercrime toolkits. That's why we're dedicating a series of posts to exploring its elements and updates made during one year of its evolution.

Threat analysis

The Hidden Bee infection chain, part 1: the stegano pack

August 15, 2019 - The Hidden Bee cryptominer has a complex and multi-layered internal structure that is unusual among cybercrime toolkits. That's why we're dedicating a series of posts to exploring its elements and updates made during one year of its evolution.

Read more

Select your language