• This is the Trend Micro detection for the backdoor installed by the PowerTrick post-exploitation toolkit believed to be developed by creators of Trickbot.This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
    Read more   

  • This backdoor comes bundled with a Monero miner, both spread by a botnet. The techniques employed are reminiscent of the Outlaw hacking group that Trend Micro reported in November 2018.
    Read more   

  • This malware was seen delivered via malicious spam spoofing the brand DHL as the sender. It came as an .
    Read more   

  • This new version of KERBERDS, a known crypto-mining malware that uses an ld.so.
    Read more   

  • This new version of KERBERDS, a cryptomining malware that uses an ld.so.
    Read more   

  • This malware is part of the fileless botnet Novter that is delivered via the KovCoreG malvertising campaign.This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
    Read more   

  • This malware is part of the fileless botnet Novter distributed by the KovCoreG malvertising campaign.This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
    Read more   

  • This rootkit is used by Skidmap - a Linux malware - to hide its cryptocurrency-mining abilities.This Rootkit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
    Read more   

  • This miner figured in the fileless GhostMiner that uses WMI Objects. GhostMiner is known to kill competing other miner payloads.
    Read more   

  • This backdoor is seen propagating via CVE-2018-18636, a cross-site scripting vulnerability affecting the wireless router D-Link DSL-2640T. This malware is capable of receiving commands to flood other systems.
    Read more