Malware

NullMixer Malware Loader Delivers Malicious Files in Bulk

NullMixer is a newly discovered piece of malware that acts as a downloader for a number of other malicious files. Security researchers examining NullMixer found it distributed primarily through websites that offer...

September 29, 2022

Bobik Malware Linked with Attacks in Ukraine

Bobik is the name of a piece of malware acting like a remote access trojan. Security researchers have linked Bobik to a threat actor known for its pro-Russian attitudes, known by the alias NoName 057(16). According to...

September 9, 2022

Botnet Blacklist is a Suspicious Warning Message

Botnet Blacklist, or more specifically Botnet:Blacklist is a detection designation given by an anti-malware application to connections it considers suspicious. This designation and the handle "Botnet:Blacklist" is...

September 7, 2022

Netflix Party Cookie Stuffing Rogue Extension

Netflix Party is the name of a rogue browser extension for Chrome that offers the ability to watch streaming shows in sync with friends. The malicious icing on the cake is that the same extension also performs cookie...

September 5, 2022

Heur.advml.c Detection

Heur.advml.c is the designation given to a heuristic detection that can be brought up by some antivirus applications. In most cases, this is a false positive. Heuristic detection in antivirus software works very...

August 31, 2022

MagicWeb Malware Used by NOBELIUM APT

Microsoft's Threat Intelligence Center published a report on a new piece of malware associated with a Russian-speaking advanced persistent threat actor known under the aliases APT29, Cozy Bear and, under Microsoft's...

August 26, 2022

Watch Out for The Cortana Runtime Broker CPU Miner

There is a new malicious tool out in the wild that is designed to mimic the legitimate Cortana application and associated processes. The malware in question works as a crypto miner and will abuse your system's...

September 28, 2022

Icarus Stealer Attempts to Dodge AV Protection

Icarus stealer is the name of a newly discovered malicious infostealer tool. The new malware has the usual range of features and the functionality you would expect from a fairly well-developed infostealer tool. Icarus...

September 9, 2022

What Does The MicTrayDebugger Do?

MicTrayDebugger is the designator of a Windows Defender detection. Another variation of what is essentially the same detection is "Win32/MicTrayDebugger!ml". The MicTrayDebugger detection is usually triggered by...

September 7, 2022

Nitrokod Malware Drops Cryptominer

Nitrokod is the name of a newly discovered piece of malware. Nitrokod is the first-stage tool in a long-term infection chain that culminates with the downloading of a cryptomining tool on the victim's system. Unlike...

August 31, 2022

0ktapus Phishing Kit Deployed in Massive Campaign

A large-scale phishing campaign that was executed recently affected over a hundred organizations and companies. The tool used bears the same name as the threat actor behind the phishing campaign - 0ktapus. The...

August 29, 2022

HYPERSCRAPE Malware Steals Information

HYPERSCRAPE is the name of a piece of malware associated with a threat actor known under the aliases Charming Kitten, APT35 and Phosphorus. Charming Kitten is believed to be an Iranian-based threat actor that...

August 26, 2022

OriginLogger Picks Up Where Agent Tesla Left Off To Record Your Activities

OriginLogger is the name of a newly discovered malicious tool. A detailed report on the malware was recently published by a research team with the Unit 42 division of Palo Alto Networks. OriginLogger has been...

September 15, 2022

Beware: Shikitega Malware Targets Linux Systems

Shikitega is the name of a newly discovered piece of malware targeting devices that run Linux, specifically IoT devices and endpoints. The malware comes with a complex, multi-step infection chain and includes a...

September 8, 2022

Behavior:Win32/Hive.ZY Detection & Removal

A recent Windows Defender detection caused a bit of a stir. There were multiple reports in early September 2022 about a detection that Defender identified as "Behavior:Win32/Hive.ZY" that caused some concern. The good...

September 7, 2022

Background.js is a Suspicious File - Find Out Why

Background.js is a file that has caused some concern among users. A .js file is a chunk of JavaScript code. A file with the specific name "background.js" is commonly associated with Chrome browser extensions and is...

August 31, 2022

What is Winlogson Cryptominer Malware?

Winlogson is the name of an executable file that comprises the payload of a cryptomining malware tool. Winlogson is very obviously named the way it is to resemble the legitimate Winlogon process as closely as...

August 29, 2022

Beware! Grenam Malware Masquerades as MS Paint

Grenam is the name of one part of a family of malicious files that has been identified by Microsoft's security researchers. The threat should be picked up by the instance of Microsoft Defender that you have running on...

August 25, 2022