CyberArsenal


Threat intelligence

fairycn

Administrator
Staff member
Share some threat intelligence or malware analysis reports here

Malware
  • GetSymbo
The tool also has the ability to download and execute arbitrary code from an attacker-controlled domain. If you have downloaded or run this tool, TAG recommends taking precautions to ensure your system is in a known clean state, likely requiring a reinstall of the operating system.
Analytical article: https://blog.google/threat-analysis...rean-campaign-targeting-security-researchers/
 

Deceptive Cracked Software Spreads Lumma Variant on YouTube

From https://www.fortinet.com/blog/threat-research/lumma-variant-on-youtube
Content excerpts, for full content please see the original posting address

Initial Infection Vector

The hacker initially breaches a YouTuber's account and uploads videos masquerading as sharing cracked software. Figure 3 shows the video descriptions in which a malicious URL is embedded, enticing users to download a ZIP file that harbors malicious content for the next stage of the attack. The videos were uploaded earlier this year, but the files on the file-sharing site receive regular updates (Figure 4), and the number of downloads keeps growing. This indicates that the ZIP file is always new and that this method effectively spreads malware.