trend micro research : research – Page 6

Examining Water Sigbin’s Infection Routine Leading to an XMRig Cryptominer

June 27, 2024 0 Comments trend micro research : articles, news, reports, trend micro research : cloud, trend micro research : cyber threats, trend micro research : exploits & vulnerabilities, trend micro research : malware, trend micro research : research

Credit to Author: Ahmed Mohamed Ibrahim | Date: Fri, 28 Jun 2024 00:00:00 +0000

We analyze the multi-stage loading technique used by Water Sigbin to deliver the PureCrypter loader and XMRIG crypto miner.

Security TrendMicro

ICO Scams Leverage 2024 Olympics to Lure Victims, Use AI for Fake Sites

June 27, 2024 0 Comments trend micro research : articles, news, reports, trend micro research : artificial intelligence (ai), trend micro research : cyber crime, trend micro research : research

Credit to Author: Cedric Pernet| Date: Thu, 27 Jun 2024 00:00:00 +0000

In this blog we uncover threat actors using the 2024 Olympics to lure victims into investing in an initial coin offering (ICO). Similar schemes have been found to use AI-generated images for their fake ICO websites.

Security TrendMicro

Behind the Great Wall: Void Arachne Targets Chinese-Speaking Users With the Winos 4.0 C&C Framework

June 19, 2024 0 Comments trend micro research : apt & targeted attacks, trend micro research : articles, news, reports, trend micro research : endpoints, trend micro research : malware, trend micro research : research

Credit to Author: Peter Girnus| Date: Wed, 19 Jun 2024 00:00:00 +0000

We recently discovered a new threat actor group that we dubbed Void Arachne. This group targets Chinese-speaking users with malicious Windows Installer (MSI) files in a recent campaign. These MSI files contain legitimate software installer files for AI software and other popular software but are bundled with malicious Winos payloads.

Security TrendMicro

Noodle RAT: Reviewing the Backdoor Used by Chinese-Speaking Groups

June 14, 2024 0 Comments trend micro research : articles, news, reports, trend micro research : endpoints, trend micro research : malware, trend micro research : research

Credit to Author: Hara Hiroaki| Date: Tue, 11 Jun 2024 00:00:00 +0000

This blog entry provides an analysis of the Noodle RAT backdoor, which is likely being used by multiple Chinese-speaking groups engaged in espionage and other types of cybercrime.

Security TrendMicro

Noodle RAT: Reviewing the New Backdoor Used by Chinese-Speaking Groups

June 11, 2024 0 Comments trend micro research : articles, news, reports, trend micro research : endpoints, trend micro research : malware, trend micro research : research

Credit to Author: Hara Hiroaki| Date: Tue, 11 Jun 2024 00:00:00 +0000

This blog entry provides an analysis of the Noodle RAT backdoor, which is likely being used by multiple Chinese-speaking groups engaged in espionage and other types of cybercrime.

Security TrendMicro

Commando Cat: A Novel Cryptojacking Attack Abusing Docker Remote API Servers

June 6, 2024 0 Comments trend micro research : articles, news, reports, trend micro research : cloud, trend micro research : cyber crime, trend micro research : cyber threats, trend micro research : malware, trend micro research : research

Credit to Author: Sunil Bharti| Date: Thu, 06 Jun 2024 00:00:00 +0000

We analyze a cryptojacking attack campaign exploiting exposed Docker remote API servers to deploy cryptocurrency miners, using Docker images from the open-source Commando project.

Security TrendMicro

Decoding Water Sigbin’s Latest Obfuscation Tricks

May 29, 2024 0 Comments trend micro research : apt & targeted attacks, trend micro research : articles, news, reports, trend micro research : cloud, trend micro research : endpoints, trend micro research : exploits & vulnerabilities, trend micro research : reports, trend micro research : research

Credit to Author: Sunil Bharti| Date: Thu, 30 May 2024 00:00:00 +0000

Water Sigbin (aka the 8220 Gang) exploited the Oracle WebLogic vulnerabilities CVE-2017-3506 and CVE-2023-21839 to deploy a cryptocurrency miner using a PowerShell script. The threat actor also adopted new techniques to conceal its activities, making attacks harder to defend against.

Security TrendMicro

Tracking the Progression of Earth Hundun’s Cyberespionage Campaign in 2024

May 16, 2024 0 Comments trend micro research : apt & targeted attacks, trend micro research : articles, news, reports, trend micro research : cyber crime, trend micro research : malware, trend micro research : research

Credit to Author: Pierre Lee| Date: Thu, 16 May 2024 00:00:00 +0000

This report describes how Waterbear and Deuterbear — two of the tools in Earth Hundun’s arsenal — operate, based on a campaign from 2024.

Security TrendMicro

Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks

May 1, 2024 0 Comments trend micro research : apt & targeted attacks, trend micro research : articles, news, reports, trend micro research : cyber threats, trend micro research : reports, trend micro research : research

Credit to Author: Feike Hacquebord| Date: Wed, 01 May 2024 00:00:00 +0000

This blog entry aims to highlight the dangers of internet-facing routers and elaborate on Pawn Storm’s exploitation of EdgeRouters, complementing the FBI’s advisory from February 27, 2024.

Security TrendMicro

The Fall of LabHost: Law Enforcement Shuts Down Phishing Service Provider

April 17, 2024 0 Comments trend micro research : articles, news, reports, trend micro research : cyber crime, trend micro research : cyber threats, trend micro research : latest news, trend micro research : research

Credit to Author: Trend Micro Research| Date: Thu, 18 Apr 2024 00:00:00 +0000

On April 18, 2024, the UK’s Metropolitan Police Service and others conducted an operation that succeeded in taking down the Phishing-as-a-Service provider LabHost.