Credit to Author: Jérôme Segura| Date: Mon, 30 Dec 2019 22:25:06 +0000
 | |
| As Magecart credit card skimmers become exposed by security researchers, their authors are refining evasion techniques to go undetected. Categories: Tags: credit cardMagecartskimmersteganographyweb skimmerswebsocketwss |
The post New evasion techniques found in web skimmers appeared first on Malwarebytes Labs.
Read moreCredit to Author: Jérôme Segura| Date: Wed, 18 Dec 2019 16:00:00 +0000
 | |
| In order to maximize infection rate, threat actors are now launching the Spelevo exploit kit with a decoy adult site, social engineering users into downloading a malicious video player. Categories: Tags: EKexploit kitGozimalvertisingQakbotQbotSocial EngineeringSpelevoUrsnif |
The post Spelevo exploit kit debuts new social engineering trick appeared first on Malwarebytes Labs.
Read moreCredit to Author: Jérôme Segura| Date: Tue, 10 Dec 2019 17:30:50 +0000
 | |
| A Magecart credit card skimmer was found injected into hundreds of counterfeit, brand-name shoe stores—a one-two punch of victimization for users first duped with fake goods then stripped of their personal data. Categories: Tags: counterfeitcredit cardfraudMagecartshoesskimmers |
The post Hundreds of counterfeit online shoe stores injected with credit card skimmer appeared first on Malwarebytes Labs.
Read moreCredit to Author: Threat Intelligence Team| Date: Tue, 03 Dec 2019 18:06:13 +0000
 | |
| We take a deep dive into the IcedID Trojan, describing the new payloads of this advanced malware. Categories: Tags: backdoorbanking Trojanbanking Trojanscredential stealingdownloaderhooking browsersIcedID Trojanmalwaremalware analysisman-in-the-browser attackspasswordsstealerstealer functionalitystealing passwordsstealthy malwaretrickbotTrojans |
The post New version of IcedID Trojan uses steganographic payloads appeared first on Malwarebytes Labs.
Read moreCredit to Author: Threat Intelligence Team| Date: Tue, 22 Oct 2019 15:00:00 +0000
 | |
| Bread crumbs left behind open up a possible connection between Magecart Group 5 and Carbanak. Categories: Tags: advanced persistent threatsAPTsattributioncarbanakcybercriminal groupsdridexGroup5Magecartmalicious domainsmalicious websitesskimmer |
The post The forgotten domain: Exploring a link between Magecart Group 5 and the Carbanak APT appeared first on Malwarebytes Labs.
Read moreCredit to Author: Threat Intelligence Team| Date: Thu, 03 Oct 2019 15:00:00 +0000
 | |
| Malwarebytes threat intel partnered with security firm HYAS to connect the dots between Magecart Group 4 and the advanced threat group Cobalt. Categories: Tags: carbanakcolbalt groupcredit cardsdata theftecommerceFIN7group 4HYASJavaScriptMagecartskimmersthreat actorthreat actor groupthreat actors |
The post Magecart Group 4: A link with Cobalt Group? appeared first on Malwarebytes Labs.
Read moreCredit to Author: Jérôme Segura| Date: Tue, 20 Aug 2019 15:00:38 +0000
 | |
| This blog post details the curious case of a web skimmer encountered in a poker application. Categories: Tags: drupalJavaScriptMagecartmagentopokerskimmer |
The post Magecart criminals caught stealing with their poker face on appeared first on Malwarebytes Labs.
Read moreCredit to Author: hasherezade| Date: Thu, 15 Aug 2019 15:26:55 +0000
 | |
| The Hidden Bee cryptominer has a complex and multi-layered internal structure that is unusual among cybercrime toolkits. That’s why we’re dedicating a series of posts to exploring its elements and updates made during one year of its evolution. Categories: Tags: cryptominerscustom codeexploit kitsexploitshidden beeinfection chaininfection vectormalware modulesminerminersobfuscationpayloadsUnderminerUnderminer EK |
The post The Hidden Bee infection chain, part 1: the stegano pack appeared first on Malwarebytes Labs.
Read more