Adobe Reader Infostealer Plagues Email Messages in Brazil

Frauds use forged PDF documents to deploy infostealers

A recent email spam campaign reportedly spreads infostealer malware under the guise of Adobe Reader Installer. Within a forged PDF document, there is a request to install Adobe Reader app, that triggers malware downloading and installation. Considering the language of the said documents, this malicious activity mainly targets Portugal and Brazil. Infostealer Spreads in Fake… Continue reading Adobe Reader Infostealer Plagues Email Messages in Brazil

WingsOfGod.dll – WogRAT Malware Analysis & Removal

WogRAT is a pretty simple backdoor with mysterious spreading ways

WogRAT, also known as WingsOfGod RAT, is a novice remote access trojan that attacks users from Asian countries. Named after its own file – Wingsofgod.dll, this malware attacks people since late 2022, spreading through the online notepad service. What is WogRAT (WingsOfGod.dll)? WogRAT is a classic example of a remote access trojan, a backdoor-like malicious… Continue reading WingsOfGod.dll – WogRAT Malware Analysis & Removal

rsEngineSvc.exe Process: Reason Core Security Engine Service

The presence of rsEngineSvc.exe is a sign of an unwanted program running in the system

RsEngineSvc.exe is an executable file associated with RAV Antivirus, a program developed by ReasonLabs. While being less dangerous than malware, it may be categorized as PUP (Potentially Unwanted Program). This kind of software is usually bundled with other free applications and installed without the user’s knowledge or distributed through deceptive advertising. Is Rsenginesvc.exe Virus? As… Continue reading rsEngineSvc.exe Process: Reason Core Security Engine Service

Bitfiat Process High CPU – Explained & Removal Guide

Have you opened Task Manager and found the Bitfiat high CPU usage? Here is the way to solve this.

Bitfiat is a malicious coin miner that exploits your computer’s hardware to mine cryptocurrencies. Such malware takes as much resources as it can, making the system impossible to use. Let’s see what this malware is, and how to remove it. Bitfiat Overview The Bitfiat process is related to the activity of a malicious coin miner.… Continue reading Bitfiat Process High CPU – Explained & Removal Guide

Warzone RAT Dismantled, Members Arrested

International crackdown dismantles Warzone RAT, leading to key arrests in Malta and Nigeria.

In an international law enforcement operation, the U.S. Department of Justice continues its fight against cybercriminals. The operation dismantled a network that sold and supported the Warzone Remote Access Trojan (RAT). Also, this malware allowed cybercriminals to stealthily infiltrate victims’ computers, resulting in data theft and other malicious activities. Warzone RAT Masters Arrested and Charged… Continue reading Warzone RAT Dismantled, Members Arrested

Mispadu Banking Trojan Exploits SmartScreen Flaw

One more malware family makes use of CVE-2023-36025

Recent research uncovers a new sample of Mispadu malware that uses a SmartScreen bypass flaw to integrate itself into the system. This banking trojan from 2019 uses the vulnerability discovered in late 2023 to target mainly LATAM users. Mispadu Trojan Uses SmartScreen Bypass The extensive research regarding Mispadu malware done by Unit 42, among other… Continue reading Mispadu Banking Trojan Exploits SmartScreen Flaw

CrackedCantil Dropper Delivers Numerous Malware

CrackedCantil is a versatile dropper malware, capable of unleashing multiple malicious payloads.

CrackedCantil is a unique dropper malware sample that operates with a wide variety of malware families. Infecting with one may effectively mean up to five other malware types running in the system. Let’s break down on what it is, how it spreads, and why it is so dangerous. What is CrackedCantil? CrackedCantil is a dropper… Continue reading CrackedCantil Dropper Delivers Numerous Malware

PUABundler:Win32/CandyOpen Analysis & Removal Guide

CandyOpen is a malware used to download unwanted software

PUABundler:Win32/CandyOpen is an unwanted program that acts as a browser hijacker and can download junk apps to your system. Specifically, it points at a thing known as OpenCandy adware, that is known for its indecent behavior. Let’s break it down and see what the PUABundler/Candyopen on a real-world example. What is PUABundler:Win32/CandyOpen? As I’ve said… Continue reading PUABundler:Win32/CandyOpen Analysis & Removal Guide

Seven Common Types of Malware – Analysis & Description

Being aware of the types of malware is key to protecting your devices and systems from potential cyberattacks.

In the intricate landscape of cybersecurity, comprehending the various forms of malware is crucial. This article offers an in-depth look at the most pervasive malware types, from Loaders to Keyloggers. We’ll explore their mechanisms, impacts, and how they compromise digital security, providing you with the knowledge to better safeguard against these ever-evolving cyber threats. Let’s… Continue reading Seven Common Types of Malware – Analysis & Description

PUABundler:Win32/PiriformBundler

PiriformBundler is a detection name for software developed by Piriform

PUABundler:Win32/PiriformBundler is the detection of an unwanted program, developed and issued by Piriform Software. While applications from this developer aren’t inherently malicious, the bundled software they carry and their questionable behavior make them less than desirable. What is PUABundler:Win32/PiriformBundler? PiriformBundler is a detection name for unwanted software developed by Piriform. Microsoft assigns such names to… Continue reading PUABundler:Win32/PiriformBundler