by r0ny
Thu Dec 06, 2018 6:54 am
Forum: Completed Malware Requests
Topic: Looking for presumably NATO supplied APT
Replies: 1
Views: 129

Re: Looking for presumably NATO supplied APT

all but 2abb76d71fb1b43173589f56e461011b
by r0ny
Tue Nov 20, 2018 5:05 pm
Forum: Completed Malware Requests
Topic: APT28 Sofacy
Replies: 1
Views: 238

APT28 Sofacy

Sofacy Continues Global Attacks and Wheels Out New ‘Cannon’ Trojan ref: https://researchcenter.paloaltonetworks.com/2018/11/unit42-sofacy-continues-global-attacks-wheels-new-cannon-trojan/ IOCs: fb5b1c2fccf21aa076449ecdf6f888d1 ccd2e208c308b56acb5fb86dd029c034 efa1b414bf19ee295cc90f29332de4ed 843ed...
by r0ny
Mon Nov 12, 2018 2:13 pm
Forum: Completed Malware Requests
Topic: Operation Mystery Baby
Replies: 1
Views: 239

Operation Mystery Baby

A hacker group likely supported by North Korea has launched an advanced persistent threat (APT) attack by inserting malicious code in a popular South Korean security program. APT attacks are typically characterized by being sophisticated, long-term attacks aimed at monitoring information and stealin...
by r0ny
Wed Oct 24, 2018 6:39 pm
Forum: Completed Malware Requests
Topic: Tick
Replies: 1
Views: 315

Tick

Tracking Tick Through Recent Campaigns Targeting East Asia Since 2016, an advanced threat group that Cisco Talos is tracking has carried out cyberattacks against South Korea and Japan. This group is known by several different names: Tick, Redbaldknight and Bronze Butler. Although each campaign empl...
by r0ny
Sun Sep 30, 2018 12:25 pm
Forum: Malware
Topic: LoJax (UEFI rootkit)
Replies: 4
Views: 1366

LoJax (UEFI rootkit)

LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group ref: https://www.welivesecurity.com/2018/09/27/lojax-first-uefi-rootkit-found-wild-courtesy-sednit-group/ IOCs: 4b9e71615b37aea1eaeb5b1cfa0eee048118ff72 1771e435ba25f9cdfa77168899490d87681f2029 ddaa06a4021baf980a08caea899f2904...
by r0ny
Fri Sep 21, 2018 3:58 pm
Forum: Malware
Topic: Xbash Linux ver
Replies: 3
Views: 867

Xbash

Xbash Combines Botnet, Ransomware, Coinmining in Worm that Targets Linux and Windows ref: https://researchcenter.paloaltonetworks.com/2018/09/unit42-xbash-combines-botnet-ransomware-coinmining-worm-targets-linux-windows/ IOCs: f888dda9ca1876eba12ffb55a7a993bd1f5a622a30045a675da4955ede3e4cb8 31155bf8...
by r0ny
Fri Sep 14, 2018 3:43 pm
Forum: Completed Malware Requests
Topic: OceanLotus
Replies: 1
Views: 988

OceanLotus

The 360 Threat Intelligence Center recently discovered the new CVE-2017-11882 vulnerability document used by Sea Lotus. Through the analysis of the vulnerability document and related attacks, we linked the organization's recent attacks against South Asian countries, and found a suspected "Hai Lian...
by r0ny
Tue Sep 04, 2018 2:38 pm
Forum: Completed Malware Requests
Topic: Operation AppleJeus
Replies: 1
Views: 1992

Operation AppleJeus

Operation AppleJeus: Lazarus hits cryptocurrency exchange with fake installer and macOS malware ref: https://securelist.com/operation-applejeus/87553/ IOCs: d555dcb6da4a6b87e256ef75c0150780b8a343c4a1e09935b0647f01d974d94d e2199fc4e4b31f7e4c61f6d9038577633ed6ad787718ed7c39b36f316f38befd 08012e68f4f84...
by r0ny
Thu Aug 30, 2018 6:21 pm
Forum: Completed Malware Requests
Topic: Malicious Docs
Replies: 1
Views: 1595

Malicious Docs

The attackers behind Olympic Destroyer are now targeting financial organizations in Russia, and biological and chemical threat prevention laboratories in Europe and Ukraine. They continue to use a non-binary executable infection vector and obfuscated scripts to evade detection. ref: https://secureli...
by r0ny
Wed Aug 22, 2018 3:53 pm
Forum: Completed Malware Requests
Topic: Operation Rocket Man
Replies: 1
Views: 1369

Operation Rocket Man

The latest APT campaign of Venus 121 Group - 'Operation Rocket Man' ref: http://blog.alyac.co.kr/1853 IOCs: af6721145079a05da53c8d0f3656c65c 1213e5a0be1fbd9a7103ab08fe8ea5cb edc1bdb2d70e36891826fdd58682b6c4 b710e5a4ca00a52f6297a3cc7190393a 05eef00de73498167b2d7ebdc492c429 84cbbb8cdad90fba8b964297dd...