The Hidden Bee infection chain, part 1: the stegano pack
The Hidden Bee cryptominer has a complex and multi-layered internal structure that is unusual among cybercrime toolkits. That’s why we’re dedicating a series of posts to exploring its elements and updates made during one year of its evolution.
A week in security (May 27 – June 2)
A roundup of security news from May 27–June 2, including a look at 2019 ransomware outbreaks in the United States, ATM fraud, NIST’s privacy framework, more legal problems for Google and Facebook, and more.
Hidden Bee: Let’s go down the rabbit hole
The complex and sophisticated custom malware, Hidden Bee, is a Chinese cryptominer that recently released an updated sample. We unpack the sample to look at the functionality of its loader and compare it against earlier versions.
Reversing malware in a custom format: Hidden Bee elements
When we recently analyzed payloads related to Hidden Bee (dropped by the Underminer EK), we noticed something unusual. After reversing the malware, we discovered that its authors actually created their own executable format. Follow our step-by-step analysis for a closer look.
A week in security (July 23 – July 29)
A roundup of the security news from July 23 – July 29, including the introduction of Malwarebytes Browser Extensions, and new malware HiddenBee, Proton, and MobiDash.
‘Hidden Bee’ miner delivered via improved drive-by download toolkit
Threat actors switch to the Hidden Bee miner as a payload for this unusual and complex drive-by download campaign.