This site uses cookies to improve your experience. By viewing our content, you are accepting the use of cookies. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country we will assume you are from the United States. View our privacy policy and terms of use.

Remove 2007 Remove Encryption Remove File names Remove Security
article thumbnail

Evil Corp rebrands their ransomware, this time is the Macaw Locker

Security Affairs

OCTOBER 21, 2021

The Macaw Locker ransomware encrypts victims’ files and append the .macaw macaw extension to the file name of the encrypted files. The Evil Corp cybercrime group (aka the Dridex gang Indrik Spider , the Dridex gang, and TA505 ) has been active in cybercrime activities since 2007.

Ransomware 125
Ransomware File names Encryption Government 125
article thumbnail

China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs

OCTOBER 18, 2022

Winnti (aka APT41 , Axiom, Barium , Blackfly) is a cyberespionage group that has been active since at least 2007. Spyder Loader loads AES-encrypted blobs to create the wlbsctrl.dll which acts as a next-stage loader that executes the content. ” continues the report. Follow me on Twitter: @securityaffairs and Facebook.

File names 118
File names Encryption Manufacturing Libraries 118
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

article thumbnail

Dacls RAT, the first Lazarus malware that targets Linux devices

Security Affairs

DECEMBER 17, 2019

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. Dacls Bot include command execution, file management, process management, test network access, C2 connection agent, and network scanning.

CMS 79
CMS File names Encryption Access 79
article thumbnail

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

MARCH 2, 2019

This is part of a giant list of Living off the Land (LOL) techniques that attackers employ to mask their activities from runtime endpoint security monitoring tools such as AVs. File name: patent-2019-02-20T093A283A05-1.xls File name : 68131_46_20190219.doc Technical Analysis.

File names 86
File names Phishing Libraries IT 86
article thumbnail

Redfly group infiltrated an Asian national grid as long as six months?

Security Affairs

SEPTEMBER 13, 2023

The APT41 group (aka Winnti , Axiom, Barium , Blackfly, HOODOO) is a China-linked cyberespionage group that has been active since at least 2007. Attackers also a Packerloader tool to load and execute shellcode, which is stored in a file in an encrypted form. ” continyes the report. alg.exe -accepteula -ma lsass.exe z1.dmp

File names 122
File names Access Encryption Communications 122
article thumbnail

North Korea-linked Lazarus APT uses first Mac malware in cryptocurrency exchange attack

Security Affairs

AUGUST 24, 2018

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. Once the Cellas Trade Pro app is installed on macOS, it launches the Updater application on the system load via a file named “.com.celastradepro.plist.”.

File names 44
File names Encryption IT Security 44
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 

Stay Connected

Join 55,000+ Insiders by signing up for our newsletter

About
Awards
About
Editions
Awards
Editions
Topics
Twitter
Powered by Aggregage | Terms and Conditions | Your California Rights and Privacy Policy
© Aggregage 2024