BLOG CERT SOGETI ESEC

Briefing Malware - 01/06/2021

1st of June 2021 - Winners of week 22: njRAT, Redline and Nanocore.

Some links point to extended actionable intelligence (Threat Bulletins, TTPs, signatures, etc.) on our Threat Intelligence Platform, Anomali. This access is limited to our clients.

 

Threat statistics report

Publication date: 01/06/2021

Distribution: TLP:WHITE

What's new?

Raccoon (NC)

Raccoon, Malware as a Service

Observed since 2019, Raccoon is an information stealer targeting victim credentials and cryptocurrency wallets, widely used for its simplicity.

https://blog.cyberint.com/raccoon-stealer

 

FormBook (NC)

Lokibot (MITRE ID: S0447)

Italian public administrations hit by 34 campaigns

Several campaigns were detected last week involving 4 types of malware (FormBook, Lokibot, Flubot and Adwin). Poste Italiane, Unicredit and ING are among the most leveraged phishing themes.

https://www.difesaesicurezza.com/cyber/cybercrime-la-pa-in-italia-attaccata-da-34-campagne-la-scorsa-settimana/

 

Vidar (NC)

Deep Analysis of Vidar Stealer

Vidar Stealer is malware specialized in stealing information, distributed mainly as spam mail or as cracked versions of commercial software and the keygen software used to license it.

https://medium.com/s2wlab/deep-analysis-of-vidar-stealer-ebfc3b557aed

 
