Estimated reading time: 10 minutes
Contents Introduction Initial Findings Infection Chain. Technical Analysis Stage 0 – Malicious ZIP File. Stage 1 – Malicious VELETRIX implant. Stage 2 – Malicious V-Shell implant. Hunting and Infrastructure. Attribution Conclusion Seqrite Protection. IOCs MITRE ATT&CK. Authors: Subhajeet Singha...
Estimated reading time: 14 minutes
Content Introduction Initial Findings. Looking into the decoy. Infection Chain. Technical Analysis. Stage 1 – Malicious LNK Script. Stage 2 – Malicious Pterois Implant. Stage 3 – Malicious Isurus Implant. Stage 4 – Malicious Cobalt Strike Shellcode. Infrastructure and...
Estimated reading time: 4 minutes
Yelp is the default help browser in GNOME-based Linux distributions, including widely used systems such as Ubuntu, Fedora and Debian etc. It is responsible for rendering help documentation written in the Mallard XML format and integrates tightly with the...
Estimated reading time: 8 minutes
Cybercriminals continually refine their tactics, making Android malware more insidious and challenging to detect. A new variant of the fake NextGen mParivahan malware has emerged, following its predecessor’s deceptive strategies but introducing significant enhancements. Previously, attackers exploited the government’s...
Estimated reading time: 8 minutes
Table of Contents: Introduction Threat Profile Infection Chain Campaign-1 Analysis of Decoy: Technical Analysis Fingerprint of ROKRAT’s Malware Campaign-2 Analysis of Decoy Technical analysis Detailed analysis of Decoded tony31.dat Conclusion Seqrite Protections MITRE Att&ck: IoCs Introduction: Security researchers at...
Estimated reading time: 6 minutes
Info-stealer malware has become a growing threat, with attackers constantly refining their techniques to evade detection. Among these threats, SnakeKeylogger has emerged as one of the highly active credential-stealing malware, targeting individuals and businesses. Known for its multi-stage infection...
Estimated reading time: 7 minutes
Recently we have observed multiple stealer malware such as Remcos, DcRAT,AgentTesla, VIPKeyLogger, etc. distributed through a steganographic campaign. On tracing the roots, the campaign has been around for a while but has not been active since long. What makes...
Estimated reading time: 3 minutes
The cybersecurity landscape is constantly evolving, with traditional methods of securing user accounts—such as passwords—proving increasingly inadequate against the growing sophistication of cyberattacks. In response, authentication systems that go Beyond Passwords, i.e., password-less, have emerged as a promising solution....
Estimated reading time: 6 minutes
Introduction: We recently identified a new malware campaign using fake CAPTCHA pages to deliver Lumma Stealer, an infostealer operating under the malware-as-a-service (MaaS) model, first discovered in 2022. In previous campaigns, including those in mid-2024, attackers used ClickFix a...
Estimated reading time: 10 minutes
Table of Contents Introduction Initial Findings. Infection Chain. Technical Analysis. Initial Infection – Malicious Document. Second Stage – Malicious PyInstaller Executable. Final Stage – Malicious Python Scripts. Discord Bot Features. Ransomware Features. Conclusion Seqrite Protection. IOCs MITRE ATT&CK. Authors...