Cybercrime & Digital Threats

Starting this year, Ryuk began using another dropper called BazarLoader (also known as BazarBackdoor), which is primarily distributed via phishing emails that contain either malicious attachments or links to websites that host malware.

Our underground monitoring revealed several ways how criminals have been entertaining themselves during isolation, with normal activities that offer cyber-crime-related prizes.

Bulletproof hosting (BPH) services have long been crucial parts of the cybercriminal infrastructure. How do they protect malicious activities, and how do cybercriminals use them to stay in business?

Our infographic shows how Trend Micro XDR is designed to combat threats like Ryuk using machine learning and analytics to correlate various events across multiple layers.

Recent spam campaigns leading to URSA/Mispadu has been uncovered. This attack targets systems with Spanish and Portuguese as system languages.

The provision of services, as well as the way criminals operate in the underground, have gone through many changes over the years to cater to the market’s different infrastructure demands.

Hackers spread messages supposedly sent from Instagram Help Center claiming that the user's account is at risk of being deleted.

Darkside ransomware surfaced, operators behind Crysis/Dharma released a hacking toolkit, a targeted email campaign was used to propagate Negasteal, and a coinminer was seen bundled with legitimate applications.

We found some fake Facebook accounts stolen from influential accounts to sell, change the details, and/or reused for phishing.