Nadav Lorber, Author at Security Boulevard
2021 Jupyter  copy 2

New Jupyter Evasive Delivery through MSI Installer

Introduction In 2020, Morphisec introduced the Jupyter infostealer, a .NET attack that primarily targets Chromium, Firefox, and Chrome browser data while also maintaining the additional capabilities of a backdoor.  ... Read More
snip3 crypter revealed

Revealing the ‘Snip3’ Crypter, a Highly Evasive RAT Loader

Introduction Morphisec has recently monitored a highly sophisticated Crypter-as-a-Service that delivers numerous RAT families onto target machines. The Crypter is most commonly delivered through phishing emails, which lead to the download of a visual basic file. In some cases, however, the attack chain starts with a large install file, such ... Read More
HCrypt-Featured

Tracking HCrypt: An Active Crypter as a Service

Introduction During 2021 Morphisec identified an increased usage of the “HCrypt” crypter. In this post, we will lockpick “HCrypt” – a crypter as a service that is marketed as a FUD (fully undetectable) loader for the client`s RAT of choice. We chose to dissect the crypter’s operations along with tracking ... Read More
CinaRAT Resurfaces

CinaRAT Resurfaces With New Evasive Tactics and Techniques

Introduction In this post, we will be covering CinaRAT loader`s evasive TTPs (tactics, techniques, and procedures) as have been identified and prevented by Morphisec’s zero-trust endpoint security solution, powered by moving target defense technology.  ... Read More