Despite risks to their own data and devices, some users continue to be lured into downloading illegal versions of popular paid-for software, disregarding the potentially more severe repercussions than legitimate alternatives. We have analyzed how cybercriminals deploy HotRat, a remote access trojan...
Researchers for Avast have developed a decryptor for the Akira ransomware and released it for public download. The Akira ransomware appeared in March 2023 and since then, the gang claims successful attacks on various organizations in the education, finance and real estate industries, amongst others.
Social Engineering Dominance, Rising Tide of Information-Stealers, and OneNote Abused by Malware Groups
NoName057(16) is still conducting DDoS attacks on the websites of institutions and companies in European countries. The new Go variant of bots implemented an authentication mechanism to communicate with C2 servers and their proxies. Moreover, the mechanism also provides IP address blocklisting...
Zero-day attacks discovered in-the-wild, Arkei Stealer and LimeRAT boosting their presence, and continuation of pro-russian DDoS attacks
Avast discovered an exploit for CVE-2021-38003 was used in the wild to attack Dota 2 players. This exploit achieved remote code execution on other players' machines by taking advantage of Dota's usage of an outdated V8 version. In response to Avast's findings, Valve patched the vulnerability on...
The team at Avast has developed a decryptor for the BianLian ransomware and released it for public download. The BianLian ransomware emerged in August 2022, performing targeted attacks in various industries, such as the media and entertainment, manufacturing and healthcare sectors, and raised the...
Volunteers join a DDoS botnet called DDosia to carry out attacks in order to earn up to 80,000 rubles in cryptocurrency by providing their network bandwidth.
In this paper we will detail a novel way to gain script access to any compiled Visual Basic 6 executable.
This task is accomplished by instrumentation of the runtime and utilizing innate design features of the language.
Avast discovered a distribution point where a malware toolset is hosted, but also serves as temporary storage for the gigabytes of data being exfiltrated on a daily basis, including documents, recordings, and webmail dumps including scans of passports from Asian, American and European citizens and...