Zloader Learns Old Tricks
Introduction: Zloader (a.k.a. Terdot, DELoader, or Silent Night) is a modular trojan based on leaked ZeuS source code. As detailed in our previous blog, Zloader reemerged following an almost two-year hiatus with a new iteration that included modifications to its obfuscation techniques, domain generation algorithm (DGA), and network communication. Most recently, Zloader ...
Zloader: No Longer Silent in the Night
Introduction: Zloader (aka Terdot, DELoader, or Silent Night) is a modular trojan born from the leaked Zeus source code. It surfaced publicly in 2016 during a targeted campaign against German banks, but its malicious activity traces back to at least August 2015. Zloader’s first run persisted until the beginning of ...
Technical Analysis of CryptNet Ransomware
Key Points:
- CryptNet is a new ransomware-as-a-service that has been advertised in underground forums since at least April 2023
- The CryptNet threat group claims to perform double extortion attacks by combining data exfiltration with file encryption
- The ransomware code is written in the .NET programming language
- CryptNet uses 256-bit AES ...

