Last week on Malwarebytes Labs, we released survey results about VPN usage and found that 36 percent of our respondents use it. We also talked about Adobe Flash Player reaching its end of life—meaning, Adobe won’t be supporting the updating and patching of its Flash Player software; covered the ransomware attack against Funke Media Group, one of Germany’s largest publishers; and … [Read more...]
Malwarebytes Labs January 11, 2021
A week in security (January 4 – January 10)
Filed Under: a week in security, Adobe Flash Player, APT37, BitCoin Scam, Bitcoin sextortion, chastity belt, chinese apt, covid-19 scams, credential leak, fake copyright violations, funke media group, Instagram scams, IoT, Juspay, online video gaming, overpayment scam, rat, rokrat, sextortion scam, vpn
Threat Intelligence Team January 6, 2021
Retrohunting APT37: North Korean APT used VBA self decode technique to inject RokRat
This post was authored by Hossein Jazi On December 7 2020 we identified a malicious document uploaded to Virus Total which was purporting to be a meeting request likely used to target the government of South Korea. The meeting date mentioned in the document was 23 Jan 2020, which aligns with the document compilation time of 27 Jan 2020, indicating that this attack took place almost a year … [Read more...]
Filed Under: APT37, Hangul, korea, Office, rokrat, Social engineering, Threat analysis, VBA