Malware
NightClub Malware Linked to MoustachedBouncer Threat Actor
The malware known as NightClub possesses spyware and data theft capabilities. This malicious program exists in at least four versions, with the earliest variant dating back to 2014. The NightClub malware is employed...
Cerobgar Malware - What Exactly Is It?
Cerobgar is the handle and designated name given to a heuristic detection that can signify the presence of a Trojan horse on the system. However, due to Cerobgar being a heuristic handle, it can be attached to a...
RootTeam Stealer Malware
RootTeam is a malicious form of software, designed to gain unauthorized access to a system and steal sensitive information. It can remain hidden within the infected system for long periods of time, making it difficult...
PoSetup.exe - What Is It?
PoSetup.exe is a file and process that has caused concern among users who were not sure what it is. In most situations, PoSetup.exe will be a legitimate file and process, but there are fringe cases where it...
TinyNote Backdoor Employed by Chinese Threat Actor
Camaro Dragon, a Chinese nation-state group, has once again been connected to a new backdoor that serves its intelligence-gathering objectives. According to Israeli cybersecurity company Check Point, which named the...
Beware of Bandit Stealer Targeting Crypto Wallets
Cybersecurity researchers have picked apart a newly discovered stealthy malware named Bandit Stealer, which possesses the ability to target a wide range of web browsers and cryptocurrency wallets. This malware has...
Agniane Stealer Grabs Various Information from Victims
Agniane is a malicious application that functions as a stealer, a specific type of malware designed to extract sensitive data from compromised machines. This stealer is particularly dedicated to pilfering information...
CustomerLoader Malware Infiltrates Vulnerable Computers
CustomerLoader is a type of malware that is specifically designed to initiate chain infections by loading additional malicious components and programs onto compromised devices. It has been observed that CustomerLoader...
SoundCloud Malware Distributed Through Compromised Accounts
This particular malware, referred to as the "SoundCloud virus," has been spreading harmful software by taking advantage of compromised user accounts on the legitimate SoundCloud platform. These compromised accounts...
Beware! Malware Hides in Minecraft Modpacks
Cybersecurity experts are advising Minecraft players to refrain from downloading any new mods or plugins while they work on resolving a malware issue that has infiltrated the game. The malware, known as "fractureiser,"...
Horabot Malware Targets Latin American Victims
Since late 2020, Spanish-speaking individuals in Latin America have faced a new form of malware known as Horabot. This botnet malware allows a threat actor to take control of a victim's Outlook mailbox, extract email...
COSMICENERGY Malware Targets Industries
A strain of malicious software has recently been uncovered that is specifically designed to infiltrate and disrupt critical systems within industrial environments. Referred to as COSMICENERGY by Mandiant, a threat...
Qwixx Stealer Goes After Sensitive Information
Qwixx is a type of malware known as a stealer, and its malicious operation involves extracting sensitive information from various applications installed on compromised systems. Specifically, Qwixx targets valuable...
AVrecon Botnet Malware Attacks Thousands of Linux Routers
AVrecon is a Linux-based malware that has been causing significant trouble since May 2021. It has infected over 70,000 small office/home office (SOHO) routers, creating a botnet with the purpose of stealing bandwidth...
Atlas Clipper Steals Sensitive Information
Atlas is classified as a type of malware known as a clipper. These malicious programs specifically target the clipboard function by replacing its content. In the case of Atlas, it focuses on cryptocurrency wallet...
PowerDrop Malware Uses PowerShell
A previously unidentified threat actor has been observed directing its focus towards the U.S. aerospace industry, employing a newly developed malware known as PowerDrop, which operates through PowerShell. According to...
SeroXen RAT - a Fileless Threat That Evades Detection
Security analysts are currently monitoring an emerging fileless remote access trojan (RAT) called SeroXen, designed to outsmart numerous EDR systems. SeroXen is actually a modified version of a legitimate remote...
PowerExchange Malware Targets UAE Government Bodies
A new form of malicious software has been identified, dubbed PowerExchange, which is believed to have been used by the Iranian state-backed hacking group APT34, also known as OilRig. This PowerShell-based malware was...