Felipe, a new infostealer Trojan
The Zscaler ThreatLabZ team came across a new strain of infostealer Trojan called Felipe, which silently installs itself onto a user’s system and connects to a command-and-control (C&C) server to send system information from the compromised system. This malware is compiled for both 32-bit and 64-bit Windows operating systems. Felipe ... Read More
Murkios bot drops files and controls system remotely
The Zscaler ThreatLabZ team came across the Murkios bot, which silently installs itself onto a user’s system and connects to a command-and-control (C&C) server by opening Secure Shell (SSH) terminals from the compromised system. This bot also installs “Plink,” which is legitimate remote sharing software that runs via command prompt ... Read More
Independence Day greeting campaign delivers Emotet
Recently, Zscaler's research team, ThreatLabZ, came across malicious Microsoft Office documents delivering Emotet malware via attachments using "Greeting Card" as the document name. The malware author leveraged the popular 4th of July holiday, the USA's Independence Day, to lure users into downloading and opening the malicious documents. We saw over ... Read More
njRAT pushes Lime ransomware and bitcoin wallet stealer
njRAT, also known as Bladabindi, is a remote access Trojan (RAT) that was first seen in 2013 and continues to be one of the most prevalent malware family. It was developed using the Microsoft .NET framework and, like many other RATs, provides complete control of the infected system and delivers ... Read More
