Unit 42
SquirtDanger: The Swiss Army Knife Malware from Veteran Malware Author TheB...
Unit 42 unravels TheBottle's activities and his newest malware family
Get to know
Sort By:
Unit 42
Patchwork Continues to Deliver BADNEWS to the Indian Subcontinent
Unit 42 observes the Patchwork group continuing to use weaponized legitimate documents to deliver their updated BADNEWS payload.
Unit 42
Sure, I’ll take that! New ComboJack Malware Alters Clipboards to Steal Cryp...
Unit 42 discovers ComboJack, a new currency stealer that alters clipboards to steal cryptocurrency.
Unit 42
Everybody Gets One: QtBot Used to Distribute Trickbot and Locky
Unit 42 investigates QtBot downloader used to distribute Trickbot and Locky.
Unit 42
Kazuar: Multiplatform Espionage Backdoor with API Access
Unit 42 researchers have uncovered Kazuar, a backdoor Trojan used in an espionage campaign.
Sort By:
Malware, Unit 42
New Poison Ivy RAT Variant Targets Hong Kong Pro-Democracy Activists
Malware writers have always sought to develop feature-rich, easy to use tools that are also somewhat hard to detect via both host- and network-based detection systems. For many years, one of the …
Cybersecurity, Malware, Threat Prevention, Unit 42
Tracking MiniDionis: CozyCar’s New Ride Is Related to Seaduke
Executive Summary Unit 42 has uncovered a new campaign from the CozyDuke threat actors, aka CozyCar [1], leveraging malware that appears to be related to the Seaduke malware described earlier this week …
Financial Services, Malware, Threat Prevention, Unit 42
Retefe Banking Trojan Targets Sweden, Switzerland and Japan
Retefe is one of the most targeted banking Trojans currently in the wild. While other families such as Zeus and Citadel are widely adopted by attackers targeting banking websites around the world, …
Cybersecurity, Threat Prevention, Unit 42
RTF Exploit Installs Italian RAT: uWarrior
Unit 42 researchers have observed a new Remote Access Tool (RAT) constructed by an unknown actor of Italian origin. This RAT, referred to as uWarrior because of embedded PDB strings, has been …
Malware, Threat Prevention, Unit 42
Musical Chairs: Multi-Year Campaign Involving New Variant of Gh0st Malware
The Gh0st malware is a widely used remote administration tool (RAT) that originated in China in the early 2000s. It has been the subject of many analysis reports, including those describing targeted …