Reversing malware in a custom format: Hidden Bee elements

When we recently analyzed payloads related to Hidden Bee (dropped by the Underminer EK), we noticed something unusual. After reversing the malware, we discovered that its authors actually created their own executable format. Follow our step-by-ste… Continue reading Reversing malware in a custom format: Hidden Bee elements

‘Hidden Bee’ miner delivered via improved drive-by download toolkit

Threat actors switch to the Hidden Bee miner as a payload for this unusual and complex drive-by download campaign.
Categories:

Exploits
Threat analysis

Tags: bootkitcryptominerdrive-by attackexploithidden beehidden bee minerMBR

(Read more…… Continue reading ‘Hidden Bee’ miner delivered via improved drive-by download toolkit