This blog post was authored by Jérôme Segura Although global e-commerce is continuing to grow rapidly, it seems as though Magecart…
Tag: threat intelligence
The many tentacles of Magecart Group 8
This blog post was authored by Jérôme Segura During the past couple of years online shopping has continued to increase at…
New variant of Konni malware used in campaign targetting Russia
This blog post was authored by Hossein Jazi In late July 2021, we identified an ongoing spear phishing campaign pushing Konni…
Crimea “manifesto” deploys VBA Rat using double attack vectors
This blog post was authored by Hossein Jazi. On July 21, 2021, we identified a suspicious document named “Манифест.docx” (“Manifest.docx”) that…
AvosLocker enters the ransomware scene, asks for partners
This blog post was authored by Hasherezade In mid-July we responded to an incident that involved an attack on a Microsoft…
Remcos RAT delivered via Visual Basic
This blog post was authored by Erika Noerenberg Introduction Over the past months, Malwarebytes researchers have been tracking a unique malspam…
Lil’ skimmer, the Magecart impersonator
This blog post was authored by Jérôme Segura A very common practice among criminals consists of mimicking legitimate infrastructure when registering…
Kimsuky APT continues to target South Korean government using AppleSeed backdoor
This blog post was authored by Hossein Jazi. The Kimsuky APT—also known as Thallium, Black Banshee, and Velvet Chollima—is a North…
Revisiting the NSIS-based crypter
This blog post was authored by hasherezade NSIS (Nullsoft Scriptable Install System) is a framework dedicated to creating software installers. It…
Newly observed PHP-based skimmer shows ongoing Magecart Group 12 activity
This blog post was authored by Jérôme Segura Web skimming continues to be a real and impactful threat to online merchants…