Snake Keylogger’s Many Skins: Analysing Code Reuse Among Infostealers

2021-07-14T07:12:48-07:00 | June 28th, 2021 | Threat Research

Snake is a modular .NET keylogger and credential stealer first spotted in late November 2020. Since then, we've seen campaigns spreading this malware almost daily. Snake's name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features then generate [...]

An Analysis of L0rdix RAT, Panel and Builder

2021-05-12T04:28:20-07:00 | July 19th, 2019 | Threat Research

L0rdix is a multipurpose remote access tool (RAT) that was first discovered being sold on underground criminal forums in November 2018. Shortly after its discovery, Ben Hunter of enSilo analysed the RAT’s functionality. Although L0rdix's author set the price of the RAT at 4000 RUB (64 USD), for many cyber criminals even this was too [...]

Social Media Platforms Bring the Dark Web Closer Than You Think

2021-04-08T10:53:14-07:00 | April 19th, 2019 | Into the Web of Profit, Uncategorized

Some of the most popular social media platforms are being exploited by cybercriminals to openly sell their tools and expertise. This exploitation means that the lines between clear web platforms and their dark web equivalents have become blurred. We use social media for many reasons. Keeping up with our friends, finding out the latest news [...]