• This new Mirai variant exploits CVE-2020-10173, a vulnerability in Comtrend VR-3033 routers. Similar to earlier variants, this Mirai variant uses telnet and SSH brute-forcing techniques to attack vulnerable devices.
    Read more   

  • Cybercriminals take advantage of the popularity of the Zoom messaging app. This backdoor is found in a fake Zoom installer.
    Read more   

  • This AutoIt-compiled malware downloads a coinminer in affected systems. This malware is distributed by cybercriminals by bundling it with a legitimate installer of the Zoom communication app.
    Read more   

  • This POWLOAD variant is seen distributed via spam. The spam campaign is in Italian and lures users to click by using COVID-19 in its subject.
    Read more   

  • This backdoor comes bundled with a Monero miner, both spread by a botnet. The techniques employed are reminiscent of the Outlaw hacking group that Trend Micro reported in November 2018.
    Read more   

  • This is the Trend Micro detection for the backdoor installed by the PowerTrick post-exploitation toolkit believed to be developed by creators of Trickbot.This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
    Read more   

  • This malware was seen delivered via malicious spam spoofing the brand DHL as the sender. It came as an .
    Read more   

  • This new version of KERBERDS, a known crypto-mining malware that uses an ld.so.
    Read more   

  • This new version of KERBERDS, a cryptomining malware that uses an ld.so.
    Read more   

  • This malware is part of the fileless botnet Novter that is delivered via the KovCoreG malvertising campaign.This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
    Read more