Estimated reading time: 6 minutes
Fake CAPTCHA Lures Victims: Lumma Stealer Abuses Clipboard and PowerShell Introduction: We recently identified a new malware campaign using fake CAPTCHA pages to deliver Lumma Stealer, an infostealer operating under the malware-as-a-service (MaaS) model, first discovered in 2022. In...
Estimated reading time: 8 minutes
Demystifying PKT and Monero Cryptocurrency deployed on MSSQL servers The world is rapidly transitioning into the digital age, reshaping how we communicate, work, and conduct financial transactions. This shift is driven by advancements in technology, increased internet accessibility, and...
Estimated reading time: 10 minutes
XELERA Ransomware Campaign: Fake Food Corporation of India Job Offers Targeting Tech Aspirants Table of Contents Introduction Initial Findings. Infection Chain. Technical Analysis. Initial Infection – Malicious Document. Second Stage – Malicious PyInstaller Executable. Final Stage – Malicious Python...
Estimated reading time: 4 minutes
Exposed SMB: The Hidden Risk Behind ‘WantToCry’ Ransomware Attacks Introduction In today’s digital landscape, ransomware attacks are evolving at an alarming rate, leveraging overlooked vulnerabilities to infiltrate systems. One such weakness is misconfigured Server Message Block (SMB) services, which...Estimated reading time: 10 minutes
Silent Lynx APT Targets Various Entities Across Kyrgyzstan & Neighbouring Nations Contents Key Targets Industries Affected Geographical Focus Infection Chain Initial Findings Campaign 1 Looking into the malicious email Looking into decoy document. Campaign 2 Looking into the malicious...
Estimated reading time: 8 minutes
Recently, Seqrite Lab saw a phishing campaign delivering formbook stealers through email attachments. Formbook, as seen since 2016, has evolved in many ways from stealth features to evasion techniques. Being sold on hacking forums as Malware as a Service,...
Estimated reading time: 5 minutes
Introduction: Attackers are continuously developing different techniques to infect systems and steal sensitive information. A recent campaign a multi-stage infection chain that starts with a LNK file, which lures the victim into opening an invoice in a web browser....
Estimated reading time: 4 minutes
Introduction XWorm is an evasive and flexible malware recognized for its modular design. It uses obfuscation techniques to avoid detection. It communicates with a Command and Control server and executes malicious activities. After execution, the malware decrypts its configuration...
Estimated reading time: 11 minutes
Operation Cobalt Whisper: Threat Actor Targets Multiple Industries Across Hong Kong and Pakistan. Contents Introduction Key Targets. Industries Affected. Geographical Focus. Initial Findings. Looking into the decoy-document – I Looking into the decoy-document – II Infection Chain. Technical Analysis...
Estimated reading time: 9 minutes
Seqrite Labs APT-Team has recently found a campaign targeting the Czech Republic. The campaign targets government and military officials with multiple lures aimed at the relationship between NATO and the Czech Republic. The entire malware ecosystem is involved in...