Threat analysis

Magecart Group 4: A link with Cobalt Group? - Malwarebytes threat intel partnered with security firm HYAS to connect the dots between Magecart Group 4 and the advanced threat group Cobalt.

Threat analysis

Magecart Group 4: A link with Cobalt Group?

October 3, 2019 - Malwarebytes threat intel partnered with security firm HYAS to connect the dots between Magecart Group 4 and the advanced threat group Cobalt.

Read more
Magecart criminals caught stealing with their poker face on - This blog post details the curious case of a web skimmer encountered in a poker application.

Threat analysis

Magecart criminals caught stealing with their poker face on

August 20, 2019 - This blog post details the curious case of a web skimmer encountered in a poker application.

Read more
The Hidden Bee infection chain, part 1: the stegano pack - The Hidden Bee cryptominer has a complex and multi-layered internal structure that is unusual among cybercrime toolkits. That's why we're dedicating a series of posts to exploring its elements and updates made during one year of its evolution.

Threat analysis

The Hidden Bee infection chain, part 1: the stegano pack

August 15, 2019 - The Hidden Bee cryptominer has a complex and multi-layered internal structure that is unusual among cybercrime toolkits. That's why we're dedicating a series of posts to exploring its elements and updates made during one year of its evolution.

Read more
Say hello to Lord Exploit Kit - In this blog, we take a look at a new exploit kit distributed via malvertising that calls itself Lord EK.

Exploits | Threat analysis

Say hello to Lord Exploit Kit

August 2, 2019 - In this blog, we take a look at a new exploit kit distributed via malvertising that calls itself Lord EK.

Read more
Exploit kits: summer 2019 review - In this edition of our seasonal review of exploit kits, we review active and unique EKs hitting consumers and businesses over the summer 2019 season.

Threat analysis

Exploit kits: summer 2019 review

July 30, 2019 - In this edition of our seasonal review of exploit kits, we review active and unique EKs hitting consumers and businesses over the summer 2019 season.

Read more
A deep dive into Phobos ransomware - We take an in-depth look into Phobos ransomware which threat actors distribute via RDP and look at similarities with Dharma (AKA CrySis) ransomware.

Threat analysis

A deep dive into Phobos ransomware

July 24, 2019 - We take an in-depth look into Phobos ransomware which threat actors distribute via RDP and look at similarities with Dharma (AKA CrySis) ransomware.

Read more
Fake jquery campaign leads to malvertising and ad fraud schemes - We look for answers in a long-running and yet mysterious malware campaign that has compromised thousands of websites to date.

Threat analysis

Fake jquery campaign leads to malvertising and ad fraud schemes

June 27, 2019 - We look for answers in a long-running and yet mysterious malware campaign that has compromised thousands of websites to date.

Read more
GreenFlash Sundown exploit kit expands via large malvertising campaign - The GreenFlash exploit kit, which we typically saw targeting South Korean users, reaches globally with a large malvertising campaign via a popular website.

Threat analysis

GreenFlash Sundown exploit kit expands via large malvertising campaign

June 26, 2019 - The GreenFlash exploit kit, which we typically saw targeting South Korean users, reaches globally with a large malvertising campaign via a popular website.

Read more
Magecart skimmers found on Amazon CloudFront CDN - Not all breaches on Content Delivery Networks (CDNs) result in supply-chain attacks, yet, they are often a forgotten entry point for attackers to slip in malicious code, such as web skimmers.

Threat analysis

Magecart skimmers found on Amazon CloudFront CDN

June 4, 2019 - Not all breaches on Content Delivery Networks (CDNs) result in supply-chain attacks, yet, they are often a forgotten entry point for attackers to slip in malicious code, such as web skimmers.

Read more

Select your language