Keyword: sent
Android OS
NOTES: GreyWolf family is found in an underground forum for malware authors. The malware disguises itself using names like love profess app. After the victim installs the app, it locks the interface after rebooting....
SIMBOT is a backdoor family that accesses certain remote servers in order to receive commands from a remote attacker. The following are the executed commands on the affected system: download and execute files; execute a DOS command sent by the remote...
This is the Trend Micro detection for cousin domain tactics in a fraudulent email message. A cousin or lookalike domain is a domain that looks deceptively similar to a legitimate target domain. Cousin domains are often used in phishing or business e...
This is the Trend Micro detection for phishing emails that pretend to be sent from a known or popular brand. The phishing email attempts to lure recipients to click the URL in the content or open the email attachment. Usually, clicking the URL redire...
This is the Trend Micro generic detection for threats with callback behavior. Callback is a type of network behavior usually sent by threats for collecting feedback data or controlling threats remotely. It is commonly used in Trojan, botnet, or backdo...
This is the Trend Micro generic detection for threats with callback behavior. Callback is a type of network behavior usually sent by threats for collecting feedback data or controlling threats remotely. It is commonly used in Trojan, botnet, or backdo...
Because of the holiday season, people become more active in online shopping. Cybercriminals also see this as an opportunity to ride the hype and take advantage of this situation. In this case, an email is s...
This spyware may be unknowingly downloaded by a user while visiting malicious websites.
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user, effectively compromising the affected system.
Ransomware is a common malicious attachment found in spam mail campaigns. In this particular instance, we found samples of two new spam campaigns sporting Locky ransom...
This Trojan may be hosted on a website and run when a user accesses the said website.
Callback is a type of network behavior usually sent by threats for collecting feedback data or controlling threats remotely. It is commonly used in Trojan, botnet, or backdoor routines. Advanced threats used in targeted attacks use callback features ...
While the pandemic continues to affect millions of lives, spammers have continued to use COVID-19 as a subject to lure recipients. In a campaign we have observed from March to June 2020, spammers a...
This worm may be downloaded from app stores/third party app stores.
This malware can be found in some malicious apps that used to be available on Google Play. The app targeted Arabic-speaking users in the Middle East.
It is capable of cyberespionage techniques such as recording data, stealing information, sending in...
FAREIT was discovered in 2012 and has been undergoing changes to bypass anti-virus detection. It is now one of the most successful information stealers deployed in spam campaigns. The source code of the malware has been leaked publicly, enabling cybe...
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution.
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution.
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution.