Malware

Beware! HUI Loader Linked with Chinese Threat Actors

The HUI Loader malware has been around for several years. However, security researchers have only recently linked the malicious tool to a couple of Chinese threat actors who are believed to be backed by the state. The... Read more

June 27, 2022

Samurai Backdoor Used by New Threat Actor

A relatively new threat actor has pulled off multiple attacks against big targets in both Europe and Asia. The hacker group has been dubbed "ToddyCat" and one of the tools used by the outfit is the Samurai backdoor.... Read more

June 23, 2022

StealBit Malware

StealBit is the name of a piece of infostealing and data exfiltration malware that is a companion tool to the infamous LockBit ransomware. StealBit, as the name implies, is used to exfiltrate and steal sensitive... Read more

June 21, 2022

Rundll32.exe

The file name Rundll32.exe has cropped up numerous times in relation to security concerns and threats. Before we go any further, however, we should make one thing very clear. Rundll32.exe is a legitimate Windows file.... Read more

June 15, 2022

Prime.exe Cryptominer Malware File Could Be Lurking on Your Computer Ready To Mine Cryptocurrency

Prime.exe is the file name of a newly discovered cryptomining malware. A cryptominer or coin miner malware is a type of malicious software that abuses the victim system's resources to mine cryptocurrency for the... Read more

June 9, 2022

'WinDealer' is Malware That Cannot Be Trusted

Several new malware families have been identified by security researchers. One of them is called WinDealer and is associated with a threat actor named LuoYu. LuoYu has been around for over a decade, executing attacks... Read more

June 3, 2022

Quantum Builder Malware

Security researchers with Cyble published a new report on the rise of malware using .lnk shortcut files to deliver their final payload. One highlight of the report was a .lnk file builder called Quantum. Quantum is... Read more

June 24, 2022

W97M.Downloader Malware

W97M.Downloader is the designation given to a piece of malicious software that was actively distributed in a campaign spreading banking malware that was most active in early 2016. The malware in question comprised a... Read more

June 22, 2022

Keona Clipper

Keona Clipper is the name of a newly discovered strain of malware that affects Windows systems. As the name suggests, Keona is a clipper, which is the name broadly applied to clipboard monitoring and hijacking... Read more

June 16, 2022

FakeCrack Malware Spread Using Crack Sites

Cracked software is used as a lure to spread cryptostealers in a new malicious campaign dubbed FakeCrack. The malicious payloads used in the campaign comprise infostealer malware strains that are capable of stealing... Read more

June 13, 2022

New SVCReady Spread Through Malspam Campaign

Security experts with the threat research branch of HP published their findings on a new strain of malware, dubbed SVCReady. The malware is being spread using malicious spam email campaigns. The first sighting of... Read more

June 8, 2022

Remove Redox Stealer Malware

Redox stealer is the name of a piece of malware that is focused on scraping and exfiltrating information from infected systems. The malware is being sold on the dark web, using hacker forums as its marketing platform.... Read more

June 3, 2022

IceXLoader Malware

IceXLoader is the name of a new piece of malware spotted in the wild in recent weeks. As the name suggests, IceXLoader is used as a loader - an intermediary type of malware used to deliver and load other components in... Read more

June 24, 2022

Win32/Heri Detection

Win32/Heri is the name given by antivirus software to a heuristically-motivated detection. This means that the detection does not correspond to a specific known virus or malicious file found in the software's... Read more

June 22, 2022

SysWin.exe Malware

SysWin.exe is the name of a file that is detected as several different types of malware by different anti-malware suites. While there is no consensus on what type of malware exactly SysWin.exe is, being detected as... Read more

June 15, 2022

Symbiote Linux Malware Flies Under the Radar

Security experts with BlackBerry Threat Research published a joint research post on a new strain of Linux malware, dubbed Symbiote. The malware was first discovered in early 2022. Its main highlight is just how hard... Read more

June 10, 2022

What is CryptoWallet Clipper Malware?

Crypto is all the rage lately, that much is obvious, both from the amounts of money that crypto moves and from the empty GPU shelves in computer part stores. Of course, with that popularity comes an increased volume... Read more

June 8, 2022

EnemyBot Takes Aim at CMS Servers and Mobile Devices

Researchers with AT&T Alien Labs have picked apart a new botnet called EnemyBot. The malware is allegedly developed and used by the threat actor that goes by the name Keksec, also known as Kek Security and... Read more

May 30, 2022