SMApps is a malicious program that aims at spreading illegal promotions. It mainly attacks browsers by changing settings and redirecting search queries from Google to suspicious sites. Possible distribution methods are standard: malicious adverts and dodgy sites with hacked software. This malware uses different detection evasion, anti-analysis, and persistence tactics. Although primarily positioned as adware,… Continue reading SMApps Virus
Tag: Dropper
Novice Rugmi Loader Delivers Various Spyware
The threat landscape meets a new player – Rugmi Loader. This threat specializes in spreading spyware, and is in fact capable of delivering any malware type. Rugmi boasts of its unusual structure, which makes it rather promising among other loaders. What is Rugmi Loader? The Rugmi is a complex loader with multiple components that deliver… Continue reading Novice Rugmi Loader Delivers Various Spyware
SecuriDropper Bypasses Google Play & Android Defenses
SecuriDropper is a rare example of the Android dropper malware that operates under the dropper-as-a-service (DaaS) model. This malware is raising significant concerns among experts due to its ability to bypass Google’s enhanced security measures and deliver a variety of malicious payloads. What is SecuriDropper Malware? SecuriDropper represents the latest evolution in the ever-changing world… Continue reading SecuriDropper Bypasses Google Play & Android Defenses
Skype & Microsoft Teams Spam Spreads DarkGate Loader
Over the past few years, DarkGate has been relatively inactive. However, several campaign deployments have been detected this year across the Americas, Asia, the Middle East, and Africa. They started to aim at Microsoft apps, such as Skype and Teams, for spreading to target systems. What is DarkGate Loader? DarkGate Loader is a type of… Continue reading Skype & Microsoft Teams Spam Spreads DarkGate Loader
DarkGate Loader Expands Activity, Delivers Ransomware
A new DarkGate malware deployment campaign has caught the attention of cybersecurity researchers. This was fueled by the developer’s decision to lease its product to a limited number of affiliates. DarkGate Malware Activity Spikes as Developer Rents Out It According to cybersecurity researchers, a new DarkGate malware campaign made a fuss. It spreads through phishing… Continue reading DarkGate Loader Expands Activity, Delivers Ransomware
Oneetx.exe – What is that process? Oneetx Removal
Oneetx.exe is a malicious process, related to Amadey dropper malware. It can be spectated in the Task Manager, with seemingly nothing suspicious about it – if you don’t know what it stands for. Let me show you how it appears and how you can remove it. What is Oneetx.exe process? Oneetx.exe is a disguised name… Continue reading Oneetx.exe – What is that process? Oneetx Removal
Domino Backdoor is Lead by FIN7 and Conti Actors
A new Domino Backdoor popped out at the beginning of 2023. Since February, a new malware family coined Domino is used for attack on corporations, having Project Nemesis stealer as a final payload. Analysts say that the new backdoor is controlled and developed by ex-TrickBot/Conti actors and hackers related to the FIN7 group. Who are… Continue reading Domino Backdoor is Lead by FIN7 and Conti Actors
New stealthy “Beep” malware focuses heavily on evading detection
Cybercriminals periodically develop something new. Sometimes it is an updated version of already known malware, and sometimes it is something new and not obvious, such as Beep malware. Thus, this malware has one distinguishing feature: a new tactic of evading detection. Although Beep malware is still under development, it already boasts existing functionality that avoids… Continue reading New stealthy “Beep” malware focuses heavily on evading detection