Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware
Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware.
Etiqueta: trojan
Lampion trojan disseminated in Portugal using COVID-19 template
The fresh release of the Latin American Lampion trojan was updated with a new C2 address. Lampion trojan disseminated in Portugal using COVID-19 template.
New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader
New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader.
In-depth analysis of a trojan banker impacting Portugal and Brazil
In-depth analysis of a trojan banker impacting users in Portugal and Brazil at the end of May 2020.
Operadores do grupo Turla lançam nova release do ComRAT que usa a interface do Gmail como C2
Operadores do grupo Turla lançam nova release do ComRAT que usa a interface do Gmail como C2.
The updated Grandoreiro Malware equipped with latenbot-C2 features in Q2 2020 now extended to Portuguese banks
The updated Grandoreiro Malware equipped with latenbot-C2 features in Q2 2020 now extended to Portuguese banks.
Trojan Lampion is back after 3 months
Trojan Lampion is back after 3 months. The malware was observed last days with a new obfuscation layer, new C2, and distributed inside an MSI file.
Lampion malware origin servers geolocated in Turkey
After three months from the first detection, the Lampion origin was identified. A webserver named “portaldasfinancas” is available in Turkey and has been used to spread the threat in Portugal.
Lampion malware v2 February 2020
The infamous Lampion malware is known since December 2019 by targeting Portuguese organizations and equipped now with a new obfuscation layer.
Targeting Portugal: A new trojan ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax
Targeting Portugal: A new trojan ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax.
Código fonte do trojan Carbanak encontrado no VirusTotal
O código fonte do trojan malware Carbanak foi encontrado na plataforma VirusTotal.
Website do software de edição de vídeo VSDC foi comprometido para disseminar malware in-the-wild
Website de um software de edição de vídeo popular foi comprometido para disseminar malware.
Um banking malware baseado em fileless está a ser usado pelos criminosos para roubar credenciais, contactos do Outlook e instalar uma ferramenta para post-explotation
Um banking malware baseado em fileless está a ser usado pelos criminosos para roubar credenciais, contactos do Outlook e instalar uma ferramenta para post-explotation.
[SI-LAB] The Muncy malware is on the rise
The recent malware dubbed Muncy has been distributed via DHL phishing campaigns worldwide.