trend micro research : malware – Computer Security Articles

Turning Jenkins Into a Cryptomining Machine From an Attacker’s Perspective

Credit to Author: Shubham Singh| Date: Fri, 05 Jul 2024 00:00:00 +0000

In this blog entry, we will discuss how the Jenkins Script Console can be weaponized by attackers for cryptomining activity if not configured properly.

Security TrendMicro

Mekotio Banking Trojan Threatens Financial Systems in Latin America

July 4, 2024 admin trend micro research : articles, news, reports, trend micro research : cyber threats, trend micro research : endpoints, trend micro research : malware, trend micro research : research

Credit to Author: Trend Micro Research| Date: Thu, 04 Jul 2024 00:00:00 +0000

We’ve recently seen a surge in attacks involving the Mekotio banking trojan. In this blog entry, we’ll provide an overview of the trojan and what it does.

Security TrendMicro

Examining Water Sigbin’s Infection Routine Leading to an XMRig Cryptominer

June 27, 2024 admin trend micro research : articles, news, reports, trend micro research : cloud, trend micro research : cyber threats, trend micro research : exploits & vulnerabilities, trend micro research : malware, trend micro research : research

Credit to Author: Ahmed Mohamed Ibrahim | Date: Fri, 28 Jun 2024 00:00:00 +0000

We analyze the multi-stage loading technique used by Water Sigbin to deliver the PureCrypter loader and XMRIG crypto miner.

Security TrendMicro

Behind the Great Wall: Void Arachne Targets Chinese-Speaking Users With the Winos 4.0 C&C Framework

June 19, 2024 admin trend micro research : apt & targeted attacks, trend micro research : articles, news, reports, trend micro research : endpoints, trend micro research : malware, trend micro research : research

Credit to Author: Peter Girnus| Date: Wed, 19 Jun 2024 00:00:00 +0000

We recently discovered a new threat actor group that we dubbed Void Arachne. This group targets Chinese-speaking users with malicious Windows Installer (MSI) files in a recent campaign. These MSI files contain legitimate software installer files for AI software and other popular software but are bundled with malicious Winos payloads.

Security TrendMicro

Noodle RAT: Reviewing the Backdoor Used by Chinese-Speaking Groups

June 14, 2024 admin trend micro research : articles, news, reports, trend micro research : endpoints, trend micro research : malware, trend micro research : research

Credit to Author: Hara Hiroaki| Date: Tue, 11 Jun 2024 00:00:00 +0000

This blog entry provides an analysis of the Noodle RAT backdoor, which is likely being used by multiple Chinese-speaking groups engaged in espionage and other types of cybercrime.

Security TrendMicro

Noodle RAT: Reviewing the New Backdoor Used by Chinese-Speaking Groups

June 11, 2024 admin trend micro research : articles, news, reports, trend micro research : endpoints, trend micro research : malware, trend micro research : research

Credit to Author: Hara Hiroaki| Date: Tue, 11 Jun 2024 00:00:00 +0000

This blog entry provides an analysis of the Noodle RAT backdoor, which is likely being used by multiple Chinese-speaking groups engaged in espionage and other types of cybercrime.

Security TrendMicro

Commando Cat: A Novel Cryptojacking Attack Abusing Docker Remote API Servers

June 6, 2024 admin trend micro research : articles, news, reports, trend micro research : cloud, trend micro research : cyber crime, trend micro research : cyber threats, trend micro research : malware, trend micro research : research

Credit to Author: Sunil Bharti| Date: Thu, 06 Jun 2024 00:00:00 +0000

We analyze a cryptojacking attack campaign exploiting exposed Docker remote API servers to deploy cryptocurrency miners, using Docker images from the open-source Commando project.

Security TrendMicro