Threat analysis

Coronavirus campaigns lead to surge in malware threats, Labs report finds - The latest special edition of our quarterly CTNT report focuses on the recent increase in malware threats that all have one big thing in common: using coronavirus as a lure.
Shining a light on “Silent Night” Zloader/Zbot - The latest Malwarebytes Threat Intel report focuses on Silent Night, a new banking Trojan recently tracked as Zloader/Zbot.
New Mac variant of Lazarus Dacls RAT distributed via Trojanized 2FA app - The Lazarus group improves their toolset with a new RAT specifically designed for the Mac.
Credit card skimmer masquerades as favicon - Criminals register fake domain to hide their web skimmer as an innocuous image file.
New AgentTesla variant steals WiFi credentials - The popular infostealer AgentTesla recently added a new feature that can steal WiFi usernames and passwords, which can potentially be used to spread the malware.
APTs and COVID-19: How advanced persistent threats use the coronavirus as a lure - We review the top APT groups taking advantage of the current pandemic.
Fake “Corona Antivirus” distributes BlackNET remote administration tool - Beware of fraudulent antivirus products taking advantage of the COVID-19 crisis.
APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT - We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data.
Rocket Loader skimmer impersonates CloudFlare library in clever scheme - URLs can be deceiving, but the one used to mimic CloudFlare's Rocket Loader in the latest Magecart attack takes it to a whole new level.
