Introduction A new variant of a Brazilian trojan has impacted Internet end users in Portugal since last month (February 2022). Although there are no…
Taking the bait: The modus operandi of massive social engineering waves impacting banks in Portugal in the last two years.
A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and…
The clandestine Horus Eyes RAT: From the underground to criminals’ arsenal.
Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware.
The fresh release of the Latin American Lampion trojan was updated with a new C2 address. Lampion trojan disseminated in Portugal using COVID-19 template.
New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader.
In-depth analysis of a trojan banker impacting users in Portugal and Brazil at the end of May 2020.
Operadores do grupo Turla lançam nova release do ComRAT que usa a interface do Gmail como C2.
The updated Grandoreiro Malware equipped with latenbot-C2 features in Q2 2020 now extended to Portuguese banks.
Trojan Lampion is back after 3 months. The malware was observed last days with a new obfuscation layer, new C2, and distributed inside an MSI file.
After three months from the first detection, the Lampion origin was identified. A webserver named “portaldasfinancas” is available in Turkey and has been used to spread the threat in Portugal.
The infamous Lampion malware is known since December 2019 by targeting Portuguese organizations and equipped now with a new obfuscation layer.
Targeting Portugal: A new trojan ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax.
O código fonte do trojan malware Carbanak foi encontrado na plataforma VirusTotal.
Website de um software de edição de vídeo popular foi comprometido para disseminar malware.