Unmasking Spyware Based on SpyMax Targeting Chinese Citizens

The detected and analyzed APK named “检察院” (Chinese Prosecutor’s Office) is a highly dangerous mobile threat identified as an advanced variant of the SpyMax/SpyNote family. The malware is a comprehensive spyware package that impersonates the Supreme People’s Procuratorate of the People’s Republic of China and targets Chinese-speaking […]
Unmasking AzzaSec: A Closer Look

AzzaSec is a hacktivist and financially motivated threat actor group first founded on February 28, 2024, and detected by ThreatMon.
Understanding the ‘Kapeka’ Backdoor: Detailed Analysis by APT44

Kapeka Backdoor is a sophisticated malware that prepares a platform for malware execution by communicating with infected devices. Through command-and-control (C2) communication, attackers can send commands and take control of target systems. This backdoor is similar to another backdoor known as QUEUESEED, which has the same hash and characteristics. Both backdoors have been attributed to the Russian APT group Sandworm.
Analysis Report of LockBit Activities After OpCronos

LockBit was the most widely used ransomware variant worldwide in 2022 and is still prolific. Since January 2020, LockBit has attacked organizations of various sizes across critical infrastructure sectors, including financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation.
The Anatomy of a Sidecopy Attack: From RAR Exploits to AllaKore RAT

This report offers a detailed analysis of a recent cyberattack conducted by the APT group known as “Sidecopy,” believed to operate from Pakistan.
The Konni APT Chronicle: Tracing Their Intelligence-Driven Attack Chain

In the ever-evolving landscape of cybersecurity, the persistent and sophisticated activities of Advanced Persistent Threat (APT) groups continue to pose significant challenges to organizations worldwide.
Unraveling the Complex Infection Chain: Analysis of the SideCopy APT’s Attack

This report presents a list of Indicators of Compromise (IOCs) associated with the SideCopy APT Group’s infection chain. These IOCs, including file hashes, IP addresses, domain names, and other relevant artifacts, aid in the identification and detection of malicious activity.
From Slides to Threats: Transparent Tribe’s New Attack on Indian Government Entities Using Malicious PPT

In the vast landscape of cybersecurity threats, state-sponsored cyber espionage groups pose a significant challenge to national security.
Unraveling the Layers: Analysis of Kimsuky’s Multi-Staged Cyberattack

In recent developments within the realm of cybersecurity, an alarming revelation has come to light: an intricate and multi-staged attack campaign executed by the Kimsuky Advanced Persistent Threat (APT) group.
Chinotto Backdoor: Technical Analysis of the APT Reaper’s Powerful Weapon

In this report, we analyzed new techniques used by the Reaper APT group’s backdoor. Compared to older variants, it can now log keystrokes, take screenshots, and more.