Kimsuky APT continues to target South Korean government using AppleSeed backdoor

Credit to Author: Threat Intelligence Team | Date: Tue, 01 Jun 2021 13:00:00 +0000

Kimsuky, the North Korean threat actor active since 2012, is still targeting the South Korean government. We take a look at the phishing infrastructure and command and control mechanisms of this APT.

Categories: Malware, Threat analysis

The post Kimsuky APT continues to target South Korean government using AppleSeed backdoor appeared first on Malwarebytes Labs.

Revisiting the NSIS-based crypter

Credit to Author: Threat Intelligence Team | Date: Mon, 31 May 2021 18:15:56 +0000

In this blog we look at the constantly evolving NSIS crypter which malware authors have been leveraging as a flexible tool to pack and encrypt their samples.

Categories: Threat analysis

The post Revisiting the NSIS-based crypter appeared first on Malwarebytes Labs.

SolarWinds attackers launch new campaign

Credit to Author: Pieter Arntz | Date: Fri, 28 May 2021 14:24:01 +0000

The Microsoft Threat Intelligence Center has issued a warning about new activities from Nobelium, the group behind SolarWinds, Sunburst, and related attacks.

Categories: Threat analysis

The post SolarWinds attackers launch new campaign appeared first on Malwarebytes Labs.

A deep dive into Saint Bot, a new downloader

Credit to Author: Threat Intelligence Team | Date: Tue, 06 Apr 2021 21:37:12 +0000

Saint Bot is a downloader that has been used to drop stealers. We take a deep look at it and its accompanying panel.

Categories: Criminals, Threat analysis

The post A deep dive into Saint Bot, a new downloader appeared first on Malwarebytes Labs.

Aurora campaign: Attacking Azerbaijan using multiple RATs

Credit to Author: Threat Intelligence Team | Date: Tue, 06 Apr 2021 19:24:27 +0000

We identified a new Python-based RAT targeting Azerbaijan from the same threat actor we profiled a month ago.

Categories: Malware, Threat analysis

The post Aurora campaign: Attacking Azerbaijan using multiple RATs appeared first on Malwarebytes Labs.

New steganography attack targets Azerbaijan

Credit to Author: Threat Intelligence Team | Date: Fri, 05 Mar 2021 22:37:13 +0000

A lure document targeting Azerbaijan uses steganography to conceal a remote administration Trojan.

Categories: Threat analysis

The post New steganography attack targets Azerbaijan appeared first on Malwarebytes Labs.
