Threat Intelligence

Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis - Malwarebytes Threat Intelligence has uncovered an attack using the lure of information about the war in Ukraine to target people in Germany.
APT34 targets Jordan Government using new Saitama backdoor - A deep dive into a sophisticated attack that used the Saitama backdoor.
Ransomware: April 2022 review - April 2022 saw the arrival of three new ransomware gangs and the unwelcome return of an old enemy.
Nigerian Tesla: 419 scammer gone malware distributor unmasked - Scamming, phishing and other data theft is all part of Nigeria Tesla's portfolio.
Ransomware: March 2022 review - Get the latest information on ransomware trends with our monthly review.
Colibri Loader combines Task Scheduler and PowerShell in clever persistence technique - We discovered an interesting trick used by Colibri Loader to survive reboots that takes advantage of a legitimate command in PowerShell.
New UAC-0056 activity: There’s a Go Elephant in the room - In late March, the cyber espionage group UNC2589, also known as SaintBear, launched a spear phishing campaign targeting several entities in Ukraine. In this blog we review this attack and the intended payloads.
New spear phishing campaign targets Russian dissidents - We've identified a new campaign using a combination of exploits, malicious macros and other lures that is targeted at Russian individuals who may have violated restrictions imposed by the Russian government.
Double header: IsaacWiper and CaddyWiper - We review two of the latest wipers that have targeted Ukraine recently.
