Recently, when analyzing samples that attempt to bypass various applocking techniques, we revisited an older bundle of various tools whose sole purpose is to make money for the operators. Although the campaign seems to be long inactive, it illustrates that creating malware capable of making money...
High-level overview: Clipsa is a multipurpose password stealer, written in Visual Basic, focusing on stealing cryptocurrencies, brute-forcing and stealing administrator credentials from unsecured WordPress websites, replacing crypto-addresses present in a clipboard, and mining cryptocurrencies on...
For several months now, we have been tracking malware called Guildma. Guildma is a powerful combination of a RAT (remote access tool), spyware, password stealer and banker malware, mainly distributed via malicious attachments in phishing email campaigns. The cybercriminals behind Guildma have...
We’re tracking a new cyberthreat that combines file formats to create a more versatile malware. Authored by: Luigino Camastra, Jan Širmer, Adolf Středa and Lukáš Obrdlík Since August 2018, we have been monitoring a new malware family we’re calling Rietspoof. Rietspoof is a new multi...
Introduction: Today, we hear a lot about IoT, which stands for Internet of Things. All these smart boxes, light bulbs, shades, thermostats, voice assistants, and smart machines are slowly sneaking into our households, businesses and industrial environments. It’s a logical and inevitable next...