Estimated reading time: 6 minutes
Introduction: We recently identified a new malware campaign using fake CAPTCHA pages to deliver Lumma Stealer, an infostealer operating under the malware-as-a-service (MaaS) model, first discovered in 2022. In previous campaigns, including those in mid-2024, attackers used ClickFix a...
Estimated reading time: 10 minutes
Table of Contents Introduction Initial Findings. Infection Chain. Technical Analysis. Initial Infection – Malicious Document. Second Stage – Malicious PyInstaller Executable. Final Stage – Malicious Python Scripts. Discord Bot Features. Ransomware Features. Conclusion Seqrite Protection. IOCs MITRE ATT&CK. Authors...Estimated reading time: 10 minutes
Silent Lynx APT Targets Various Entities Across Kyrgyzstan & Neighbouring Nations Contents Key Targets Industries Affected Geographical Focus Infection Chain Initial Findings Campaign 1 Looking into the malicious email Looking into decoy document. Campaign 2 Looking into the malicious...
Estimated reading time: 8 minutes
Recently, Seqrite Lab saw a phishing campaign delivering formbook stealers through email attachments. Formbook, as seen since 2016, has evolved in many ways from stealth features to evasion techniques. Being sold on hacking forums as Malware as a Service,...
Estimated reading time: 5 minutes
Introduction: Attackers are continuously developing different techniques to infect systems and steal sensitive information. A recent campaign a multi-stage infection chain that starts with a LNK file, which lures the victim into opening an invoice in a web browser....
Estimated reading time: 4 minutes
Introduction XWorm is an evasive and flexible malware recognized for its modular design. It uses obfuscation techniques to avoid detection. It communicates with a Command and Control server and executes malicious activities. After execution, the malware decrypts its configuration...
Estimated reading time: 11 minutes
Contents Introduction Key Targets. Industries Affected. Geographical Focus. Initial Findings. Looking into the decoy-document – I Looking into the decoy-document – II Infection Chain. Technical Analysis Stage 1 – Malicious LNK Script & VBScript. Stage 2 – Malicious Cobalt...
Estimated reading time: 6 minutes
In the wake of numerous security incidents in which attackers exploited unsegmented networks to spread malware and access sensitive data, it’s clear that traditional network architectures often fail to prevent the lateral movement of threats. This blog will illustrate...
Estimated reading time: 8 minutes
Seqrite Labs APT-Team has recently discovered multiple campaigns involving fake PayPal lures. These are targeting individuals around the globe with a new variant of ransomware known as Cronus. In this case, the malware is developed in PowerShell and is...
Estimated reading time: 11 minutes
In the recent past, cyberattacks on Indian government entities by Pakistan-linked APTs have gained significant momentum. Seqrite Labs APT team has discovered multiple such campaigns during telemetry analysis and hunting in the wild. One such threat group, SideCopy, has...