Estimated reading time: 13 minutes
SEQRITE Labs APT-Team has discovered multiple campaigns of APT SideCopy, targeting Indian government and defense entities in the past few months. The threat group is now exploiting the recent WinRAR vulnerability CVE-2023-38831 (See our advisory for more details) to...
Estimated reading time: 5 minutes
Threat actors use multiple methods to distribute malware to infect specific targets. Even though various phishing methods are actively used and evolving, an alternative approach to increase their success rate is to call the target corporate companies. Techniques like...
Estimated reading time: 5 minutes
Zloader aka Terdot – a variant of the infamous Zeus banking malware is well known for aggressively using “.xls”, “.xlsx” documents as its initial vector to deliver its payload. Despite this, recently we have come across “.docm” file which...
Estimated reading time: 2 minutes
Whaling attacks are a deadly combination of spear-phishing and social engineering. Like phishing attacks, the attempts of the perpetrators are similar – to get a target to reveal confidential data or even get tricked and send money. But whaling...
Estimated reading time: 2 minutes
Supply chains and industrial enterprises are being targeted through a series of ongoing spear-phishing attacks. This recent campaign, observed on systems within Germany, United States and Japan thus far, operates through the obfuscation of malware on public, legitimate sources....
Estimated reading time: 5 minutes
Summary Quick Heal Security Labs has observed a new malspam campaign that is targeting Manufacturing and Export industries in India. In this campaign, malware actors are making use of multiple sophisticated techniques to bypass defence mechanisms. In our analysis,...
Estimated reading time: 5 minutes
Quick Heal Labs have been tracking this Cyber-espionage operation since 2016. We have identified this attack as operation m_project. From the past year, we have seen a surge in these APT activities. Modus operandi of the attackers have remained...
Estimated reading time: 5 minutes
Use of Phishing emails is not new for cyber-attack and is still one of the classic strategies to compromise a victim’s machine. Cyber criminals lure victims to open email attachments (mostly Doc and XLS files) by faking them to...
Estimated reading time: 4 minutes
In the last few months, we’ve seen a sudden increase in Spear Phishing attacks. Spear phishing is a variation of a phishing scam wherein hackers send a targeted email to an individual which appears to be from a trusted source. In...
Estimated reading time: 11 minutes
In 2018, we saw a surge in Emotet activity. Emotet started as a banking trojan but this blog will shed light on how it has also become a “threat distributor”. We will also discuss server-side and client-side activity and...