Ransomware

We have been tracking a prolific malvertising campaign for several weeks and captured a variety of payloads, including several stealers. One that we initially identified as Arkei turned out to be Vidar, a new piece of malware recently analyzed in detail by Fumik0_ in his post: Let’s dig into Vidar – An Arkei…

cryptomining

Android malware that combines info/data-stealing and phishing capabilities lurked in Google Play using the guise of legit-looking applications; one of them was installed at least 100,000 times. Camouflaged as utility apps or games, Mobstspy infected devices primarily in India, although its distribution was worldwide, affecting users in 199 countries. Researches…

crypto

Several major U.S. newspapers reported they were victims of production-disrupting cyber attacks on or around the holidays. On December 29, the LA Times noted that an unknown actor used what experts believe to be Ryuk ransomware to infect systems needed to publish the newspaper, including computers that store the news…

crypto

Steganography, or the method used to conceal a malicious payload inside an image to evade security solutions, has long been used by cybercriminals to spread malware and perform other malicious operations. We recently discovered malicious actors using this technique on memes. The malware authors have posted two tweets featuring malicious…