New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader.
In-depth analysis of a trojan banker impacting users in Portugal and Brazil at the end of May 2020.
Operadores do grupo Turla lançam nova release do ComRAT que usa a interface do Gmail como C2.
The updated Grandoreiro Malware equipped with latenbot-C2 features in Q2 2020 now extended to Portuguese banks.
Trojan Lampion is back after 3 months. The malware was observed last days with a new obfuscation layer, new C2, and distributed inside an MSI file.
After three months from the first detection, the Lampion origin was identified. A webserver named “portaldasfinancas” is available in Turkey and has been used to spread the threat in Portugal.
The infamous Lampion malware is known since December 2019 by targeting Portuguese organizations and equipped now with a new obfuscation layer.
Targeting Portugal: A new trojan ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax.
O código fonte do trojan malware Carbanak foi encontrado na plataforma VirusTotal.
Website de um software de edição de vídeo popular foi comprometido para disseminar malware.
Um banking malware baseado em fileless está a ser usado pelos criminosos para roubar credenciais, contactos do Outlook e instalar uma ferramenta para post-explotation.
The recent malware dubbed Muncy has been distributed via DHL phishing campaigns worldwide.
SI LAB: Trojan.VB.Crypt – New RAT has been distributed in-the-wild by criminals
Trojan no Linux pode desativar o antivírus e roubar passwords root.