Researchers have found a new method by which cybercriminals are spreading the DarkGate Loader malware. Until now, DarkGate was typically distributed…
Tag: loader
Fake system update drops Aurora stealer via Invalid Printer loader
Malvertising seems to be enjoying a renaissance as of late, whether it is from ads on search engine results pages or…
GuLoader returns with a rotten shipment
GuLoader, a perennial favourite of email-based malware campaigns since 2019, has been seen in the wild once again. GuLoader is a downloader…
Malware authors join forces and target organisations with Domino Backdoor
There’s a new ransomware gang in town, stitched together from members of well-known threat creators to push a new kind…
Colibri Loader combines Task Scheduler and PowerShell in clever persistence technique
This blog post was authored by Ankur Saini, with contributions from Hossein Jazi and Jérôme Segura. (2022-04-07): Added MITRE ATT&CK mappings…
German users targeted with Gootkit banker or REvil ransomware
This blog post was authored by Hasherezade and Jérôme Segura. On November 23, we received an alert from a partner about…
Chinese APT group targets India and Hong Kong using new variant of MgBot malware
This blog post was authored by Hossein Jazi and Jérôme Segura. On July 2, we found an archive file with an…
Hidden Bee: Let’s go down the rabbit hole
Some time ago, we discussed the interesting malware, Hidden Bee. It is a Chinese miner, composed of userland components, as well…