Malsmoke operators abandon exploit kits in favor of social engineering scheme

Credit to Author: Threat Intelligence Team| Date: Mon, 16 Nov 2020 18:00:06 +0000

Threat actors behind malsmoke, one of the largest malvertising campaigns we’ve seen in recent months, have switched malware delivery tactics.

Categories: Exploits, Social engineering, Threat analysis


The post Malsmoke operators abandon exploit kits in favor of social engineering scheme appeared first on Malwarebytes Labs.


Release the Kraken: Fileless injection into Windows Error Reporting service

Credit to Author: Threat Intelligence Team| Date: Tue, 06 Oct 2020 15:00:00 +0000

We discovered a new attack that injected its payload—dubbed “Kraken”—into the Windows Error Reporting (WER) service as a defense evasion mechanism.


The post Release the Kraken: Fileless injection into Windows Error Reporting service appeared first on Malwarebytes Labs.


Release the Kraken: Fileless APT attack abuses Windows Error Reporting service

Credit to Author: Threat Intelligence Team| Date: Tue, 06 Oct 2020 15:00:00 +0000

We discovered a new attack that injected its payload—dubbed “Kraken”—into the Windows Error Reporting (WER) service as a defense evasion mechanism.


The post Release the Kraken: Fileless APT attack abuses Windows Error Reporting service appeared first on Malwarebytes Labs.


Inter skimming kit used in homoglyph attacks

Credit to Author: Jérôme Segura| Date: Thu, 06 Aug 2020 17:00:00 +0000

Threat actors load credit card skimmers using a known phishing technique called homoglyph attacks.


The post Inter skimming kit used in homoglyph attacks appeared first on Malwarebytes Labs.


Malspam campaign caught using GuLoader after service relaunch

Credit to Author: Jérôme Segura| Date: Thu, 30 Jul 2020 16:55:21 +0000

We discovered a spam campaign distributing GuLoader in the aftermath of the service’s relaunch.


The post Malspam campaign caught using GuLoader after service relaunch appeared first on Malwarebytes Labs.


Chinese APT group targets India and Hong Kong using new variant of MgBot malware

Credit to Author: Threat Intelligence Team| Date: Tue, 21 Jul 2020 15:00:00 +0000

We uncovered an active campaign in early July that we attribute to a new Chinese APT group attacking India and Hong Kong with MgBot malware.


The post Chinese APT group targets India and Hong Kong using new variant of MgBot malware appeared first on Malwarebytes Labs.


Credit card skimmer targets ASP.NET sites

Credit to Author: Jérôme Segura| Date: Mon, 06 Jul 2020 16:36:50 +0000

This unusual web skimmer campaign goes after sites running Microsoft’s IIS servers with an outdated version of the ASP.NET framework.


The post Credit card skimmer targets ASP.NET sites appeared first on Malwarebytes Labs.
