
New Mimic Ransomware Abuses Windows Search Engine to Look for Files for Encryption

A new strain of ransomware named Mimic has been uncovered recently by security experts at Trend Micro in June 2022. Mimic takes advantage of the APIs of 'Everything', a file search tool for...

Hackers Use Shapeshifting Tactics to Steal Information Stealing Malware

Recently, Cyble Research and Intelligence Labs (CRIL) discovered Aurora Stealer malware imitating popular applications on phishing sites to infect as many users as possible. To target a variety of well-known applications, the threat actors behind...

Chinese Hackers Using Golang Source Code Interpreter To Bypass Detection

Researchers uncovered a new, uncommon technique employed by Chinese threat actors in which a Golang source code interpreter is used to evade detection in the DragonSpark malware campaign. DragonSpark is the first malicious campaign that utilizes SparkRAT,...

Roaming Mantis Uses Android Malware to Hijack DNS by Exploiting Wi-Fi Routers

Roaming Mantis is a cyberattack campaign that has been active for an extended period of time. The attackers behind this campaign use malicious APK files, which are the files used to install apps on...

Hook Banking Trojan Infect Stored Files in Devices & Create Remote Session

A new Android malware known as 'Hook' has surfaced in the cybercrime market, and this malware has been developed by the creator (DukeEugene) of Ermac, who is now selling it to potential buyers. The malware...

Beware! New Infostealer Malware Spreading Through Google Ads

Cyble Research & Intelligence Labs (CRIL) discovered a brand-new malware variant called "Rhadamanthys Stealer." This malware stealer variation is now in use and the threat actors who created it are offering it for sale...

IcedID Malware Lets Attackers Compromise the Active Directory Domain

In a recent incident, within just 24 hours of initial access, the IcedID (aka BokBot) malware was used to successfully penetrate the Active Directory domain of an unnamed target. The attack employed tactics similar to...

Beware! Gootkit Loader Malware Using VLC Player to Deliver Malicious Payloads

Trend Micro researchers recently reported that Australian healthcare entities were infected with a Cobalt Strike beacon after a new SEO poisoning campaign was launched by Gootkit loader malware operators who use VLC Media...

Beware of Modified Zoom App that Delivers IcedID Banking Malware

A malicious IcedID malware campaign was identified recently by Cyble researchers through which threat actors are actively spreading malware using modified versions of the Zoom application that have been trojanized. Due to the growing awareness...

BitRAT Malware Uses Bank-Themed Phishing Emails to Steal Sensitive Information

Qualys reported in June of 2022 that Discord's content delivery network was found to be sharing a commercial off-the-shelf info stealer by hosting a fake cracked version of the software. During this time, researchers have...