FickerStealer is a MaaS (Malware as a Service) stealer that is sold on hacking forums. Its main goal is to steal sensitive information cached by the user - specifically browser passwords - and

Preventing AgentTesla Infiltration
AgentTesla is a .NET-based malware, commonly distributed as part of a malspam campaign. Use of AgentTesla soared in 2020, when it became a favorite of threat actors, who used it to achieve

The Return of the German JavaScript Dropper
An unknown threat actor has been specifically targeting German companies and citizens for several months with advanced phishing-style attacks. As already reported at the end of last year in our

The Curious Case of FlashHelperService - Updated
Over the past few months, Minerva Labs’ research team has received multiple alerts of possibly malicious code-unpacking from an executable named FlashHelperService.exe. We decided to investigate

Qbot Malspam and The Rise Of Sophisticated Evasion Techniques
Qbot (also known as Qakbot) is a notorious, widely spreading first stage malware, which is usually spread via malspam campaigns. Targeted victims receive mail with a malicious attachment that when

The Curious Case of FlashHelperService
Over the past couple of months Minerva Labs’ research team has received multiple alerts of possibly malicious code-unpacking from an executable named FlashHelperService.exe. We decided to

Five Malware Trends That Dominated 2020 (And Will Still Be Here in 2021)
As we turn the corner and begin 2021 (not a moment too soon) many people are breathing a sigh of relief, but security experts are still holding their breath. 2020 was a bumper year for ransomware

Rig Exploit Kit Resurges - Minerva Prevents The Attack
The Minerva Labs Research team has recently encountered a resurgence of the Rig exploit kit. This infamous exploit kit has reportedly been used by threat actors since 2015 (as reported by Trustwave).

SolarWinds Breach Related Events Prevented By Minerva
Injection Attacks Thwarted Since August; The Minerva Approach Proves Itself Once Again
Minerva Labs conducted a thorough review of the cybersecurity threat exposed by the SolarWinds breach. Our

Stopping BuerLoader With Minerva Labs' Hostile Environment Simulation module
BuerLoader is a stealthy implant, which is frequently used by attackers as an initial foothold in organizations. The malware’s common method of infection is by phishing mails, which contain a

Preventing Fake Software Installers with Minerva Labs
Fake installers are on the rise, and it is not a coincidence. This opportunistic method of infection is getting increasingly popular because of the ease of creating new and obfuscated payloads

Sedating The Kraken – Blocking APT32 Fileless Injection
Malwarebytes’s Threat Intelligence team has uncovered a new attack dubbed “Kraken”, which is attributed to APT32.