MasterMana botnet hits users by evading detection with URL shorteners

By Waqas
Dubbed MasterMana by researchers, the botnet uses every available option to target its victims, including dropping backdoors and phishing attacks through business email compromise, commonly known as BEC.
This is a post from HackRead.com.

Mapping Out a Malware Distribution Network

More than a dozen US-based web servers were used to host 10 malware families, distributed through mass phishing campaigns. Malware families include Dridex, GandCrab, Neutrino, IcedID and others. Evidence suggests the existence of distinct threat actors…

STOP Ransomware Variant Installing Azorult Infostealer

A variant of the STOP ransomware family is downloading the Azorult infostealer onto victims’ machines as part of its infection process. Security researcher Michael Gillespie was the first to detect this malicious activity. While testing some of t…

Azorult via fake Chinese Government New Import Export Regulations

I am quite impressed with the level of social engineering in this malware delivery malspam campaign. With Brexit fast approaching and the likelihood of no deal between the UK and Europe, many companies are increasingly trying to build a relationship wit…

Necurs Botnet Launches Campaign Against Banks

The Necurs botnet has been observed pushing an unusual malware campaign that almost exclusively targets users and employees within the financial sector. Necurs is one of the largest and longest-lived botnets still in operation today. Over t…

False Invoice Due email with password protected attachment delivers malware

This generic email with the subject “Invoice Due”, coming from help@simplexhealthcare.info with a malicious password-protected Word doc attachment, does eventually deliver some sort of malware. Recently password-protected Word docs have…