ZetaNile: Open source software trojans from North Korea
ReversingLabs Malware Researcher Joseph Edwards takes a deep dive into ZetaNile, a set of open-source software trojans being used by Lazarus/ZINC ...
GwisinLocker ransomware targets South Korean industrial and pharma firms
Taking its name from “Gwisin,” a Korean term for “ghost” or “spirit,” GwisinLocker is a new ransomware family that targets South Korean industrial and pharmaceutical companies. ...
Threat analysis: Follina exploit fuels ‘live-off-the-land’ attacks
An analysis of three in-the-wild payloads delivered using the recently discovered Follina exploit shows how attackers can use it to achieve persistent access in victim environments and turbo-charge efforts to ‘live off the land’ and avoid detection by security monitoring tools. ...
Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs
ReversingLabs recently discovered instances of the AstraLocker 2.0 malware distributed directly from Microsoft Word files used in phishing attacks. Executive Summary: ReversingLabs recently discovered a new version of the AstraLocker ransomware (AstraLocker 2.0) that was being distributed directly from Microsoft Office files used as bait in phishing attacks. Our ...