Topic: anti-analysis techniques
-
HR and Recruiters Hit by Year-Long Malware Attack
A long-running malware campaign is specifically targeting HR and recruitment professionals to steal sensitive organizational data using sophisticated, stealthy techniques. The attack begins with a deceptive resume-themed file that triggers a multi-stage infection, employing tactics like DLL sidel...
-
Android Malware Grants Attackers Remote Hands-On Control
Klopatra is a new Android banking trojan that has infected over 3,000 devices in Europe by posing as a legitimate IPTV/VPN app, granting attackers full remote control to monitor screens and steal financial data. The malware, developed by a Turkish-speaking group, uses overlay attacks, VNC for hid...
-
Stealit Malware Spreads Through VPN and Gaming Apps
A new malware campaign is spreading the Stealit information stealer through fake VPN and gaming installers on platforms like Mediafire and Discord, using obfuscation and anti-analysis techniques to avoid detection. The malware steals sensitive data from web browsers, gaming platforms, messaging a...
-
Beware: Fake 7-Zip Site Pushes Malware-Laden Installer
A fraudulent website impersonating the official 7-Zip software distributes a trojanized installer that secretly enrolls the victim's computer into a residential proxy network for malicious traffic routing. The malware, which mimics the legitimate site's appearance, deploys hidden components, modi...
-
Russian Hackers Use ISO Files to Spread Phantom Stealer Malware
A new Russian-linked phishing campaign, Operation MoneyMount-ISO, uses a deceptive email chain with a ZIP/ISO file to bypass standard email filters and deploy Phantom Stealer malware. The malware employs sophisticated anti-analysis techniques to evade detection and steals a wide range of sensitiv...
-
ShinyHunters Unleash ShinySp1d3r Ransomware-as-a-Service
A new ransomware-as-a-service platform called ShinySp1d3r is being developed by threat actors linked to ShinyHunters and Scattered Spider, marking a strategic shift from using established gangs' encryptors to building their own bespoke operation. The ransomware features advanced capabilities incl...
-
Malicious NPM Packages Use Adspect to Evade Detection
Seven malicious npm packages used the Adspect cloaking service to distinguish between security researchers and real targets, redirecting only the latter to fraudulent cryptocurrency sites. The packages employed anti-analysis techniques, such as disabling right-click and developer tools, and colle...
-
Hackers Exploit Microsoft ClickOnce & AWS for Stealth Attacks
The OneClik cyberattack campaign exploits Microsoft ClickOnce and custom Golang malware to target energy sector organizations, disguising malicious traffic within legitimate AWS cloud services. Attackers use phishing emails with fraudulent Azure-hosted sites to distribute malicious ClickOnce file...