Malware Analysis

VanHelsing Ransomware: Technical Analysis and Mitigation Strategies

Malware Analysis

VanHelsing Ransomware: Technical Analysis and Mitigation Strategies

The emergence of VanHelsing ransomware in March 2025 has raised significant concerns due to its ransomware-as-a-service (RaaS)...

Fake DeepSeek Google Ads Deliver Malware: Technical Analysis & Mitigation

Malware Analysis

Fake DeepSeek Google Ads Deliver Malware: Technical Analysis & Mitigation

Cybercriminals are exploiting DeepSeek’s growing popularity by distributing malware through fake sponsored Google ads, according to a...

SHELBY Malware Campaign: GitHub Abuse for C2 Operations in Iraqi Telecom Attacks

Malware Analysis

SHELBY Malware Campaign: GitHub Abuse for C2 Operations in Iraqi Telecom Attacks

Elastic Security Labs has uncovered a sophisticated malware campaign targeting Iraq’s telecommunications sector, utilizing a new malware...

LummaC2 Malware Targets Windows Users Through Fake Total Commander Crack

Malware Analysis

LummaC2 Malware Targets Windows Users Through Fake Total Commander Crack

Security researchers have uncovered a sophisticated malware campaign distributing the LummaC2 information stealer disguised as a cracked...

JPHP-Based Malware Evades Detection Using Java-PHP Hybrid Approach

Malware Analysis

JPHP-Based Malware Evades Detection Using Java-PHP Hybrid Approach

A newly discovered malware campaign is leveraging the JPHP interpreter – a PHP implementation running on the...

Arcane Stealer Malware Targets Gamers via YouTube and Discord, Steals VPN Credentials

Malware Analysis

Arcane Stealer Malware Targets Gamers via YouTube and Discord, Steals VPN Credentials

A sophisticated malware campaign dubbed “Arcane Stealer” is actively targeting gamers and VPN users through compromised YouTube...

Trojan.PS1.POWLOAD.JKP: COVID-19 Themed PowerShell Malware Targeting Italian Users

Malware Analysis

Trojan.PS1.POWLOAD.JKP: COVID-19 Themed PowerShell Malware Targeting Italian Users

A new variant of the POWLOAD Trojan has emerged, leveraging COVID-19 themes to target Italian users through...

Trojanized Zoom Installers Deliver Cryptocurrency Miner: Analyzing Trojan.Win32.MOOZ.THCCABO

Malware Analysis

Trojanized Zoom Installers Deliver Cryptocurrency Miner: Analyzing Trojan.Win32.MOOZ.THCCABO

A new malware campaign has been identified distributing trojanized versions of Zoom installers bundled with cryptocurrency mining...

Fake Zoom Installers Deliver Backdoor.Win32.DEVILSHADOW.THEAABO Malware

Malware Analysis

Fake Zoom Installers Deliver Backdoor.Win32.DEVILSHADOW.THEAABO Malware

A newly identified backdoor malware, Backdoor.Win32.DEVILSHADOW.THEAABO, has been discovered embedded in counterfeit Zoom installer packages. This threat...

Backdoor.MSIL.BLADABINDI.THA: Analyzing the Persistent Windows Backdoor Threat

Malware Analysis

Backdoor.MSIL.BLADABINDI.THA: Analyzing the Persistent Windows Backdoor Threat

Backdoor.MSIL.BLADABINDI.THA represents a concerning Windows-based backdoor malware that security teams should monitor, particularly due to its recent...

Trojan.MSIL.SUPERNOVA.A: Technical Analysis of the Windows Trojan Threat

Malware Analysis

Trojan.MSIL.SUPERNOVA.A: Technical Analysis of the Windows Trojan Threat

Trojan.MSIL.SUPERNOVA.A represents a significant Windows-based threat with high damage potential despite its currently limited distribution. First identified...

Trojan.INF.HIDDENTEAR.THAOGBA: Analysis of a Low-Risk Windows Trojan with Autorun Persistence

Malware Analysis

Trojan.INF.HIDDENTEAR.THAOGBA: Analysis of a Low-Risk Windows Trojan with Autorun Persistence

Trojan.INF.HIDDENTEAR.THAOGBA is a Windows-based Trojan classified as low-risk by Trend Micro. It spreads through malicious downloads or...

Ransom.MSIL.COBRALOCKER.AA: Technical Analysis of an Evolving Ransomware Threat

Malware Analysis

Ransom.MSIL.COBRALOCKER.AA: Technical Analysis of an Evolving Ransomware Threat

Summary: Ransom.MSIL.COBRALOCKER.AA represents a Windows-targeting ransomware strain first identified in January 2021, demonstrating low distribution but high...

Ransom.Win32.MAOLOA.THAAHBA: Technical Analysis of a Windows Ransomware Strain

Malware Analysis

Ransom.Win32.MAOLOA.THAAHBA: Technical Analysis of a Windows Ransomware Strain

Ransom.Win32.MAOLOA.THAAHBA is a targeted ransomware variant affecting Windows systems, first observed in January 2021. While classified as...

Ransom.MSIL.THANOS.THABGBA: A Low-Prevalence but High-Impact Ransomware Threat

Malware Analysis

Ransom.MSIL.THANOS.THABGBA: A Low-Prevalence but High-Impact Ransomware Threat

Ransom.MSIL.THANOS.THABGBA is a ransomware strain targeting Windows systems, classified as a low-risk threat due to its limited...

DEARCRY Ransomware: Technical Analysis of a High-Risk Threat Targeting Microsoft Exchange Servers

Malware Analysis

DEARCRY Ransomware: Technical Analysis of a High-Risk Threat Targeting Microsoft Exchange Servers

Summary: Ransom.Win32.DEARCRY.THCABBA represents a significant cybersecurity threat despite its relatively low prevalence. First identified in March 2021,...

ASTROLOCKER Ransomware: Technical Analysis and Defense Strategies

Malware Analysis

ASTROLOCKER Ransomware: Technical Analysis and Defense Strategies

The Ransom.Win64.ASTROLOCKER.THCBDBA ransomware represents a moderate-risk threat with high damage potential, primarily targeting Windows environments. First documented...

ASTROLOCKER Ransomware: Technical Analysis of a Mount Locker Affiliate Strain

Malware Analysis

ASTROLOCKER Ransomware: Technical Analysis of a Mount Locker Affiliate Strain

Ransom.Win32.ASTROLOCKER.A represents a lesser-known but technically sophisticated ransomware strain with potential ties to the Mount Locker operation....

RedLine Stealer Malware: Analyzing the MSIL.YXBDM Variant’s Data Theft Capabilities

Malware Analysis

RedLine Stealer Malware: Analyzing the MSIL.YXBDM Variant’s Data Theft Capabilities

TrojanSpy.MSIL.REDLINESTEALER.YXBDM represents a sophisticated information-stealing malware targeting Windows systems, first identified by Trend Micro researchers in April...

RedLine Stealer Malware: Analyzing the Persistent Data-Theft Threat Targeting Credentials

Malware Analysis

RedLine Stealer Malware: Analyzing the Persistent Data-Theft Threat Targeting Credentials

TrojanSpy.MSIL.REDLINESTEALER.YXBDN represents a sophisticated Windows-based information stealer with demonstrated capabilities in credential harvesting across multiple applications. First...

Posts pagination

1 2 Next

Malware Analysis

VanHelsing Ransomware: Technical Analysis and Mitigation Strategies

Fake DeepSeek Google Ads Deliver Malware: Technical Analysis & Mitigation

SHELBY Malware Campaign: GitHub Abuse for C2 Operations in Iraqi Telecom Attacks

LummaC2 Malware Targets Windows Users Through Fake Total Commander Crack

JPHP-Based Malware Evades Detection Using Java-PHP Hybrid Approach

Arcane Stealer Malware Targets Gamers via YouTube and Discord, Steals VPN Credentials

Trojan.PS1.POWLOAD.JKP: COVID-19 Themed PowerShell Malware Targeting Italian Users

Trojanized Zoom Installers Deliver Cryptocurrency Miner: Analyzing Trojan.Win32.MOOZ.THCCABO

Fake Zoom Installers Deliver Backdoor.Win32.DEVILSHADOW.THEAABO Malware

Backdoor.MSIL.BLADABINDI.THA: Analyzing the Persistent Windows Backdoor Threat

Trojan.MSIL.SUPERNOVA.A: Technical Analysis of the Windows Trojan Threat

Trojan.INF.HIDDENTEAR.THAOGBA: Analysis of a Low-Risk Windows Trojan with Autorun Persistence

Ransom.MSIL.COBRALOCKER.AA: Technical Analysis of an Evolving Ransomware Threat

Ransom.Win32.MAOLOA.THAAHBA: Technical Analysis of a Windows Ransomware Strain

Ransom.MSIL.THANOS.THABGBA: A Low-Prevalence but High-Impact Ransomware Threat

DEARCRY Ransomware: Technical Analysis of a High-Risk Threat Targeting Microsoft Exchange Servers

ASTROLOCKER Ransomware: Technical Analysis and Defense Strategies

ASTROLOCKER Ransomware: Technical Analysis of a Mount Locker Affiliate Strain

RedLine Stealer Malware: Analyzing the MSIL.YXBDM Variant’s Data Theft Capabilities

RedLine Stealer Malware: Analyzing the Persistent Data-Theft Threat Targeting Credentials

You may have missed

Hong Kong Data Breach: 128,000 Records Exposed Due to System Neglect and Outdated Infrastructure

Oracle’s SaaS Breach Cover-Up Exposed: Evidence Contradicts Denials

National Defense Corporation Ransomware Attack: Breach Disclosed, Ransom Refused

Lucid PhaaS Platform Targets iOS and Android Users via iMessage and RCS