Malware

Beware! HUI Loader Linked with Chinese Threat Actors
The HUI Loader malware has been around for several years. However, security researchers have only recently linked the malicious tool to a couple of Chinese threat actors who are believed to be backed by the state. The... Read more

Samurai Backdoor Used by New Threat Actor
A relatively new threat actor has pulled off multiple attacks against big targets in both Europe and Asia. The hacker group has been dubbed "ToddyCat" and one of the tools used by the outfit is the Samurai backdoor.... Read more

StealBit Malware
StealBit is the name of a piece of infostealing and data exfiltration malware that is a companion tool to the infamous LockBit ransomware. StealBit, as the name implies, is used to exfiltrate and steal sensitive... Read more

Rundll32.exe
The file name Rundll32.exe has cropped up numerous times in relation to security concerns and threats. Before we go any further, however, we should make one thing very clear. Rundll32.exe is a legitimate Windows file.... Read more

Prime.exe Cryptominer Malware File Could Be Lurking on Your Computer Ready To Mine Cryptocurrency
Prime.exe is the file name of a newly discovered cryptomining malware. A cryptominer or coin miner malware is a type of malicious software that abuses the victim system's resources to mine cryptocurrency for the... Read more

'WinDealer' is Malware That Cannot Be Trusted
Several new malware families have been identified by security researchers. One of them is called WinDealer and is associated with a threat actor named LuoYu. LuoYu has been around for over a decade, executing attacks... Read more

Quantum Builder Malware
Security researchers with Cyble published a new report on the rise of malware using .lnk shortcut files to deliver their final payload. One highlight of the report was a .lnk file builder called Quantum. Quantum is... Read more

W97M.Downloader Malware
W97M.Downloader is the designation given to a piece of malicious software that was actively distributed in a campaign spreading banking malware that was most active in early 2016. The malware in question comprised a... Read more

Keona Clipper
Keona clipper is the name of a newly discovered strain of malware that affects Windows systems. As the name suggests, Keona is a clipper, which is the name broadly applied to clipboard monitoring and hijacking... Read more

FakeCrack Malware Spread Using Crack Sites
Cracked software is used as a lure to spread cryptostealers in a new malicious campaign dubbed FakeCrack. The malicious payloads used in the campaign comprise infostealer malware strains that are capable of stealing... Read more

New SVCReady Spread Through Malspam Campaign
Security experts with the threat research branch of HP published their findings on a new strain of malware, dubbed SVCReady. The malware is being spread using malicious spam email campaigns. The first sighting of... Read more

Remove Redox Stealer Malware
Redox stealer is the name of a piece of malware that is focused on scraping and exfiltrating information from infected systems. The malware is being sold on the dark web, using hacker forums as its marketing platform.... Read more

IceXLoader Malware
IceXLoader is the name of a new piece of malware spotted in the wild in recent weeks. As the name suggests, IceXLoader is used as a loader - an intermediary type of malware used to deliver and load other components in... Read more

Win32/Heri Detection
Win32/Heri is the name given by antivirus software to a heuristically-motivated detection. This means that the detection does not correspond to a specific known virus or malicious file found in the software's... Read more

SysWin.exe Malware
SysWin.exe is the name of a file that is detected as several different types of malware by different anti-malware suites. While there is no consensus on what type of malware exactly SysWin.exe is, being detected as... Read more

Symbiote Linux Malware Flies Under the Radar
Security experts with BlackBerry Threat Research published a joint research post on a new strain of Linux malware, dubbed Symbiote. The malware was first discovered in early 2022. Its main highlight is just how hard... Read more

What is CryptoWallet Clipper Malware?
Crypto is all the rage lately, that much is obvious, both from the amounts of money that crypto moves and from the empty GPU shelves in computer part stores. Of course, with that popularity comes an increased volume... Read more

EnemyBot Takes Aim at CMS Servers and Mobile Devices
Researchers with AT&T Alien Labs have picked apart a new botnet called EnemyBot. The malware is allegedly developed and used by the threat actor that goes by the name Keksec, also known as Kek Security and... Read more