• This malware was seen delivered via malicious spam spoofing the brand DHL as the sender. It came as an .
    Read more   

  • This new version of KERBERDS, a known crypto-mining malware that uses an ld.so.
    Read more   

  • This new version of KERBERDS, a cryptomining malware that uses an ld.so.
    Read more   

  • This malware is part of the fileless botnet Novter that is delivered via the KovCoreG malvertising campaign.This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
    Read more   

  • This malware is part of the fileless botnet Novter distributed by the KovCoreG malvertising campaign.This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
    Read more   

  • This rootkit is used by Skidmap - a Linux malware - to hide its cryptocurrency-mining abilities.This Rootkit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
    Read more   

  • This miner figured in the fileless GhostMiner that uses WMI Objects. GhostMiner is known to kill competing other miner payloads.
    Read more   

  • This backdoor is seen propagating via CVE-2018-18636, a cross-site scripting vulnerability affecting the wireless router D-Link DSL-2640T. This malware is capable of receiving commands to flood other systems.
    Read more   

  • This malware is part of an attack chain that involves searching for exposed or publicly accessible Elasticsearch databases/servers. The malware would invoke a shell with an attacker-crafted search query with encoded Java commands.
    Read more   

  • This backdoor is downloaded and installed in systems via malicious URL. It is installed with a miner.
    Read more