Collaborate Disseminate
A new version of the typically platform-agnostic Adwind trojan has been spotted targeting Windows applications and systems and Chromium-based browsers. Continue reading New Adwind Variant Targets Windows, Chromium Credentials
Digital criminals have launched a new attack campaign that they’re using to target U.S. petroleum companies with the Adwind RAT. Netskope discovered the operation in the beginning of September and found that it was distributing the Adwind RAT fro… Continue reading Attackers Targeting U.S. Petroleum Companies with Adwind RAT
A phishing campaign targeting utility grid operators uses a PDF attachment to deliver spyware. Continue reading Adwind Spyware-as-a-Service Attacks Utility Grid Operators
I published the following diary on isc.sans.edu: “Malware Delivered Through MHT Files“: What are MHT files? Microsoft is a wonderful source of multiple file formats. MHT files are web page archives. Usually, a web page is based on a piece of HTML code with links to external resources, images and other
[The post [SANS ISC] Malware Delivered Through MHT Files has been first published on /dev/random]
Continue reading [SANS ISC] Malware Delivered Through MHT Files
Today I’d like to share the following reverse engineering path since it ended up to be more complex respect what I thought. The full path took me about hours work and the sample covers many obfuscation steps and implementation languages. During the an… Continue reading Interesting hidden threat since years ?
By Waqas
Hackers are becoming persistent in phishing scams against banking and
This is a post from HackRead.com Read the original post: “Wire bank transfer” malware phishing scam hits SWIFT banking system
Continue reading “Wire bank transfer” malware phishing scam hits SWIFT banking system
We take a look at Adwind, one of the most popular Java Remote Administration Tool. This RAT was distributed via a phishing email and amongst other things, can steal credentials or capture screenshots on the infected machine.Categories: Cybercrime
Malw… Continue reading From a fake wallet to a Java RAT
Symantec writes:
Cybercriminals are using clickbait, promising a video showing Democratic Party presidential nominee Hillary Clinton exchanging money with an ISIS leader, in order to distribute malicious spam emails.
The email’s subject announces “Clinton Deal ISIS Leader caught on Video,” however there is no video contained in the email, just malware. Adding to the enticement, the email body also discusses voting, asking recipients to “decide on who to vote [for]” after watching the non-existent clip.
Attached to the email is a ZIP archive, containing a Java file. Make the mistake of opening the Java file (in the mistaken belief that you are going to see a controversial video) and you will be infecting your computer with the Adwind backdoor Trojan horse.
It’s not unusual for criminals to use these kind of disguises to make their malicious emails more tempting to click on, and we’ve seen attacks like this during previous presidential election campaigns. Expect more of the same, and be on your guard.
Continue reading Video of Hillary Clinton meeting ISIS leader? Nah, it’s a malware attack
Malicious attachment contains Adwind cross-platform remote access Trojan.Read More Continue reading Non-existent video involving Hillary Clinton and ISIS leader used as bait in malicious spam
Malicious attachment contains Adwind cross-platform remote access Trojan.Read More Continue reading Non-existent video involving Hillary Clinton and ISIS leader used as bait in malicious spam