FickerStealer is a MaaS (Malware as a Service) stealer that is sold on hacking forums. Its main goal is to steal sensitive information cached by the user - specifically browser passwords - and
Read More >>
AgentTesla is a .NET based malware, commonly distributed as part of a malspam campaign. Use of AgentTesla soared in 2020, when it became a favorite of threat actors, which used it to achieve
Read More >>
An unknown threat actor has been specifically targeting German companies and citizens for several months with advanced phishing style attacks. As already reported at the end of last year in our
Read More >>
Over the past few months, Minerva Labs’ research team has received multiple alerts of possibly malicious code-unpacking from an executable named FlashHelperService.exe. We decided to investigate
Read More >>
Qbot (also known as Qakbot) is a notorious, widely spreading first stage malware, which is usually spread via malspam campaigns. Targeted victims receive mail with a malicious attachment that when
Read More >>
Over the past couple of months Minerva Labs’ research team has received multiple alerts of possibly malicious code-unpacking from an executable named FlashHelperService.exe. We decided to
Read More >>
As we turn the corner and begin 2021 (not a moment too soon) many people are breathing a sigh of relief, but security experts are still holding their breath. 2020 was a bumper year for ransomware
Read More >>
The Minerva Labs Research team has recently encountered a resurgence in Rig exploit kit. This infamous exploit kit has been reportedly used by threat actors since 2015 (as reported by Trustwave).
Read More >>
Injection Attacks Thwarted Since August; The Minerva Approach Proves Itself Once Again
Minerva Labs conducted a thorough review of the cybersecurity threat exposed by SolarWinds breach. Our
Read More >>
BuerLoader is a stealthy implant, which is frequently used by attackers as an initial foothold in organizations. The malware’s common method of infection is by phishing mails, which contain a
Read More >>
Fake installers are on the rise, and it is not a coincidence. This opportunistic method of infection is getting increasingly popular because of the ease of creating new and obfuscated payloads
Read More >>
Malwarebytes’s Threat Intelligence team has uncovered a new attack dubbed “Kraken”, which is attributed to APT32.
Read More >>
