Rook ransomware analysis
Rook ransomware is relatively recent, and one of the advantages of this line’s other threats is the multithreading engine that pulverizes the encryption speed during…
Categoria: Malware and Phishing Analysis
Brazilian trojan impacting Portuguese users and using the same capabilities seen in other Latin American threats
Introduction A new variant of a Brazilian trojan has impacted Internet end users in Portugal since last month (February 2022). Although there are no…
Phishing bancário as a service em Portugal com novo servidor C2
Nos últimos dias foi registada uma nova vaga de phishing a decorrer em Portugal utilizando um novo servidor command and control (C2) geolocalizado no Brasil….
The hidden C2: Lampion trojan release 212 is on the rise and using a C2 server for two years
The hidden C2: Lampion trojan release 212 is on the rise and using a C2 server for two years.
HelloKitty: The ransomware affecting CD Projekt Red and Cyberpunk 2077
HelloKitty: The ransomware affecting CD Projekt Red and Cyberpunk 2077
Taking the bait: The modus operandi of massive social engineering waves impacting banks in Portugal
Taking the bait: The modus operandi of massive social engineering waves impacting banks in Portugal in the last two years.
Malware analysis: Details on LockBit ransomware
Introduction LockBit is a data encryption malware in operation since September 2019 and a recent Ransomware-as-a-Service (RaaS), in which developers are in charge of the payment site…
The new maxtrilha trojan is being disseminated and targeting several banks
A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and…
Netwalker ransomware full analysis
Netwalker is a data encryption malware that represents an evolution of the well-known Kokoklock ransomware and has been active since September 2019. This article will detail the specific technical features of the Netwalker ransomware. We will analyze what Netwalker is, how it works, and how you can avoid falling victim to this threat.
Phishing+Telegram: Solicitação de reembolso da Autoridade Tributária?
Phishing+Telegram: Solicitação de reembolso da Autoridade Tributária?
Fraude personificando a marca Continente espalha-se através do WhatsApp: Não se deixe enganar!
Nos últimos dias, uma nova campanha fraudulenta personificando a marca Continente tem atingido os utilizadores portugueses. A campanha tem a capacidade de se auto-propagar via WhatsApp.
Ragnar Locker – Malware analysis
Ragnar Locker is ransomware that affects devices running Microsoft Windows operating systems. It was initially observed towards the end of December 2019 as part of a series of attacks against compromised networks.
Secrets behind the Lazarus’s VHD ransomware
Data encryption malware is one of the most popular malware families in recent years and targets mass volumes of users and companies around the world. In this article, we will take a deep dive into a new VHD ransomware distributed in the wild by the Lazarus group — the criminals behind the WannaCry incident in 2017.
The clandestine Horus Eyes RAT: From the underground to criminals’ arsenal
The clandestine Horus Eyes RAT: From the underground to criminals’ arsenal.
A new month of phishing and Google’s trigger to bypass detection
A new month, a new wave of phishing. Learn here about the email templates recently used by crooks in Portugal and the new trick to bypass detection.
Cuidado com as fraudes bancárias dos últimos dias: Detetar e proteger-se
Cuidado com as fraudes bancárias dos últimos dias: Detetar e proteger-se contra esta ameaça.