PurpleFox Resurfaces Via Spam Emails:Â A Look Into Its Recent Campaign
Cyble Research and Intelligence Labs analyzes PurpleFox’s recent campaign that resurfaces via spam emails.
Malware
Indian Taxpayers face a Multifaceted Threat with Drinik Malware’s Return
Cyble analyses the latest version of the Drinik malware, featuring newly added functionalities targeting Indian taxpayers.
Tatar-Language Users in the Crosshairs of Python Screenshotter
Key Takeaways • Cyble Research and Intelligence Labs (CRIL) came across Python malware capturing screenshots and sending them over FTP to remote attackers.• Proofpoint has observed similar campaigns in the recent past targeting the United States and Germany, with the perpetrator tracked as “TA866”.• This particular campaign targets Tatar language-speaking users who primarily reside in …
Tatar-Language Users in the Crosshairs of Python Screenshotter Read More »
AgentTesla Malware Targets Users with Malicious Control Panel File
Cyble Research and Intelligence Labs analyzes the distribution method of AgentTesla malware using malicious control panel files.
Sneaky XWorm Uses MultiStaged Attack
Threat Actors Leveraging WebDAV Servers for Covert Operations Threat Actors (TAs) frequently utilize multistage attacks to increase the likelihood of successfully delivering malicious payload by evading detection from antivirus products and creating a complex and intricate attack structure that poses challenges for analysis. The TAs commonly employ LOLBin (Living Off the Land Binary) in …
Fabricated Microsoft Crypto Wallet Phishing Site Spreads Infostealer
Cyble Research and Intelligence Labs analyzes Threat Actors spreading Luca Stealer disguised as a beta version of Microsoft Crypto Wallet.