Single Article Archives

Re-Infected: The Persistent Threat of Infostealers

Having your data stolen once is bad enough, but for some people, it happens repeatedly. Infostealer infections are not a new phenomenon in the cybersecurity world,…

Jul 8, 2024 4 min read

Blog Post

Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz

Executive Summary On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious activity in a customer environment. Our investigation identified that the suspicious behavior was…

Jul 3, 2024 12 min read

Blog Post

Open-Sourced Infostealers About to Fuel New Wave of Computer Infections

A potential shift in Infostealers might be happening again. Traditionally, teams of cybercriminals develop an Infostealer family (variant) such as Redline, Lumma, Raccoon, etc., and rent…

Jul 1, 2024 4 min read

Hudson Rock

ID Verification Service for X & TikTok Breached due to an Infostealer Infection

AU10TIX, a company that verifies the identities of TikTok, Uber, and X users, sometimes by processing photographs of their faces and pictures of their drivers’ licenses,…

Jun 27, 2024 3 min read

Blog Post

Fickle Stealer Distributed via Multiple Attack Chain

Affected Platforms: Microsoft WindowsImpacted Users: Microsoft WindowsImpact: The stolen information can be used for future attackSeverity Level: High The past few years have seen a significant increase in the number…

Jun 21, 2024 17 min read

Blog Post

Info Stealing Campaign Uses DLL Sideloading Through Legitimate Cisco Webex’s Binaries for Initial Execution and Defense Evasion

Case Summary It was a quiet Monday morning in March 2024 when the EDR researchers with our Trellix Advanced Research Center identified an interesting sequence of…

Jun 21, 2024 16 min read

Hudson Rock

Infostealers Webinar – Hudson Rock

Learn about Infostealers with actual real life breaches caused by Infostealer infections with Leonid Rozenberg, Hudson Rock's Head of Partnerships & Integrations. To discover how your…

Jun 19, 2024 1 min read

Infostealers

Almost every cyber attack begins at a key ingredient: an Infostealer

Infostealers commit close to the perfect crime. They sneak into your computer, grab your logins, passwords, and anything of value, and then delete themselves on the…

Jun 19, 2024 1 min read

Blog Post

Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster.

I wrote a piece recently about Copilot+ Recall, a new Microsoft Windows 11 feature which — in the words of Microsoft CEO Satya Nadella- takes “screenshots” of…

Jun 8, 2024 11 min read

Uncategorized

Iluria Stealer; a Variant of Another Discord Stealer

EXECUTIVE SUMMARY At CYFIRMA, we are committed to offering up-to-date insights into prevalent threats and tactics employed by malicious actors who target organizations and individuals. The…

Jun 8, 2024 7 min read

Malware

Sapphire Werewolf polishes Amethyst stealer to attack over 300 companies

The adversaries use the open-source SapphireStealer to create their own Infostealer malware for collecting employee authentication data from Russian companies. Since March 2024, the BI.ZONE Threat Intelligence team…

Jun 8, 2024 7 min read

Malware

A Catalog of Hazardous AV Sites – A Tale of Malware Hosting

Executive summary In mid-April 2024, Trellix Advanced Research Center team members observed multiple fake AV sites hosting highly sophisticated malicious files such as APK, EXE and…

May 29, 2024 7 min read