Trojan:Win32/Tnega!MSR

Trojan:Win32/Tnega!MSR may bring other malware to your system

Trojan:Win32/Tnega!MSR is a malicious program that functions to deliver other malware. It uses numerous anti-detection tricks and is often distributed as mods and cheats for popular games. Such threats are capable of delivering spyware, ransomware and pretty much any other malware. Trojan:Win32/Tnega!MSR Overview Trojan:Win32/Tnega!MSR is a Microsoft Defender detection that refers to malware that acts… Continue reading Trojan:Win32/Tnega!MSR

SMApps Virus

SMApps is a pretty nasty thing. You should get rid of it as soon as possible.

SMApps is a malicious program that aims at spreading illegal promotions. It mainly attacks browsers by changing settings and redirecting search queries from Google to suspicious sites. Possible distribution methods are standard: malicious adverts and dodgy sites with hacked software. This malware uses different detection evasion, anti-analysis, and persistence tactics. Although primarily positioned as adware,… Continue reading SMApps Virus

Novice Rugmi Loader Delivers Various Spyware

Analysts uncovered a novice Rugmi Loader, malware that primarily aims at spreading spyware and stealers

The threat landscape meets a new player – Rugmi Loader. This threat specializes in spreading spyware, and is in fact capable of delivering any malware type. Rugmi boasts of its unusual structure, which makes it rather promising among other loaders. What is Rugmi Loader? The Rugmi is a complex loader with multiple components that deliver… Continue reading Novice Rugmi Loader Delivers Various Spyware

SecuriDropper Bypasses Google Play & Android Defenses

SecuriDropper circumvents security, jeopardizing Android devices with malware.

SecuriDropper is a rare example of the Android dropper malware that operates under the dropper-as-a-service (DaaS) model. This malware is raising significant concerns among experts due to its ability to bypass Google’s enhanced security measures and deliver a variety of malicious payloads. What is SecuriDropper Malware? SecuriDropper represents the latest evolution in the ever-changing world… Continue reading SecuriDropper Bypasses Google Play & Android Defenses

Skype & Microsoft Teams Spam Spreads DarkGate Loader

DarkGate Loader malware resurges, now spreading through Microsoft Teams and Skype.

Over the past few years, DarkGate has been relatively inactive. However, several campaign deployments have been detected this year across the Americas, Asia, the Middle East, and Africa. They started to aim at Microsoft apps, such as Skype and Teams, for spreading to target systems. What is DarkGate Loader? DarkGate Loader is a type of… Continue reading Skype & Microsoft Teams Spam Spreads DarkGate Loader

DarkGate Loader Expands Activity, Delivers Ransomware

The developer leases DarkGate malware to its partners, increasing DarkGate malware activity

A new DarkGate malware deployment campaign has caught the attention of cybersecurity researchers. This was fueled by the developer’s decision to lease its product to a limited number of affiliates. DarkGate Malware Activity Spikes as Developer Rents Out It According to cybersecurity researchers, a new DarkGate malware campaign made a fuss. It spreads through phishing… Continue reading DarkGate Loader Expands Activity, Delivers Ransomware

Oneetx.exe

Oneetx.exe is a process that belongs to Amadey Dropper executable file

Oneetx.exe is a malicious process, related to Amadey dropper malware. It can be spectated in the Task Manager, with seemingly nothing suspicious about it – if you don’t know what it stands for. Let me show you how it appears and how you can remove it. What is Oneetx.exe process? Oneetx.exe is a disguised name… Continue reading Oneetx.exe

Domino Backdoor is Lead by FIN7 and Conti Actors

New Domino Backdoor appears to be a collaboration between two notorious threat actors

A new Domino Backdoor popped out at the beginning of 2023. Since February, a new malware family coined Domino is used for attack on corporations, having Project Nemesis stealer as a final payload. Analysts say that the new backdoor is controlled and developed by ex-TrickBot/Conti actors and hackers related to the FIN7 group. Who are… Continue reading Domino Backdoor is Lead by FIN7 and Conti Actors

New stealthy “Beep” malware focuses heavily on evading detection

Beep Malware imitates action but, in fact, idly emits an actual inaudible "beep" sound from the PC speaker

Cybercriminals periodically develop something new. Sometimes it is an updated version of already known malware, and sometimes it is something new and not obvious, such as Beep malware. Thus, this malware has one distinguishing feature: a new tactic of evading detection. Although Beep malware is still under development, it already boasts existing functionality that avoids… Continue reading New stealthy “Beep” malware focuses heavily on evading detection