Threat analysis

Coronavirus campaigns lead to surge in malware threats, Labs report finds

June 1, 2020 - Our latest, special edition for our quarterly CTNT report focuses on recent, increased malware threats which all have one, big thing in common—using coronavirus as a lure.

Read more

Shining a light on “Silent Night” Zloader/Zbot

May 21, 2020 - The latest Malwarebytes Threat Intel report focuses on Silent Night, a new banking Trojan recently tracked as Zloader/Zbot.

Read more

New Mac variant of Lazarus Dacls RAT distributed via Trojanized 2FA app

May 6, 2020 - The Lazarus group improves their toolset with a new RAT specifically designed for the Mac.

Read more

Credit card skimmer masquerades as favicon

May 6, 2020 - Criminals register fake domain to hide their web skimmer as an innocuous image file.

Read more

New AgentTesla variant steals WiFi credentials

April 16, 2020 - The popular infostealer AgentTesla recently added a new feature that can steal WiFi usernames and passwords, which can potentially be used to spread the malware.

Read more

APTs and COVID-19: How advanced persistent threats use the coronavirus as a lure

April 9, 2020 - We review the top APT groups taking advantage of the current pandemic.

Read more

Fake “Corona Antivirus” distributes BlackNET remote administration tool

March 23, 2020 - Beware of fraudulent antivirus products taking advantage of the COVID-19 crisis.

Read more

APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT

March 16, 2020 - We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data.

Read more

Rocket Loader skimmer impersonates CloudFlare library in clever scheme

March 10, 2020 - URLs can be deceiving, but the one used to mimic CloudFlare's Rocket Loader in the latest Magecart attack takes it to a whole new level.

Read more