Avast discovered and analyzed GuptiMiner, a malware campaign hijacking an eScan antivirus update mechanism to distribute backdoors and coinminers.
ViperSoftX is a multi-stage stealer that exhibits interesting hiding capabilities. Other than stealing cryptocurrencies, it also spreads the VenomSoftX browser extension, which performs man-in-the-browser attacks.
Parrot TDS is a new Traffic Direction System that is using tens of thousands of compromised websites. The TDS provides bad actors access to carry out malicious activity via the infected sites.
CoinHelper is a family of AutoIt droppers behind a massive coinmining campaign. The malware is spread bundled with other software, be it game cheats, cracked software, or even clean installers such as Google Chrome, Microsoft Office, AV products, and many others.
MyKings is a long-standing and relentless botnet which has been active since at least 2016. Our research has shown that, since 2019, the operators behind MyKings have amassed at least $24 million USD (and likely more) in Bitcoin, Ethereum, and Dogecoin.
After peeling away the MehCrypter’s layers in the first part of our blog series, we felt there was no other choice than to dive even deeper into the Meh password stealer payload and all its functionalities.
For some time now, we’ve been monitoring a new strain of malicious programs that we are referring to as "Meh". It all started when we came across large amounts of files with randomly generated strings at their beginning, followed by a compiled AutoIt script… and what a ride it has been since.
CoViper is a new wiper malware family taking advantage of the COVID-19 crisis. The wiper breaks an infected computer’s boot operation by rewriting the Master Boot Record (MBR) located on the computer’s disk.
High-level overview: Clipsa is a multipurpose password stealer, written in Visual Basic, focusing on stealing cryptocurrencies, brute-forcing and stealing administrator credentials from unsecured WordPress websites, replacing crypto-addresses present in a clipboard, and mining cryptocurrencies on...