CRAT wants to plunder your endpoints
By Asheer Malhotra. Cisco Talos has observed a new version of a remote access trojan (RAT) family known as CRAT. Apart from the prebuilt RAT capabilities, the malware can download and deploy additional malicious plugins on the infected endpoint. One of the plugins is a ransomware known as “Hansom.” CRAT has been attributed to the Lazarus […]
Metamorfo Banking Trojan Keeps Its Sights on Brazil
Cisco Talos recently identified two ongoing malware distribution campaigns being used to infect victims with banking trojans, specifically financial institutions' customers in Brazil.
Advanced Mobile Malware Campaign in India uses Malicious MDM – Part 2
This blog post is authored by Warren Mercer and Paul Rascagneres and Andrew Williams. Summary Since our initial post on malicious mobile device management (MDM) platforms, we have gathered...
Advanced Mobile Malware Campaign in India uses Malicious MDM
Cisco Talos has identified a highly targeted campaign against 13 iPhones which appears to be focused on India. The attacker deployed an open-source mobile device management (MDM) system to control enrolled devices.
Who Wasn’t Responsible for Olympic Destroyer?
This blog post is authored by Paul Rascagneres and Martin Lee. Summary Evidence linking the Olympic Destroyer malware to a specific threat actor group is contradictory, and does not allow...
Player 3 Has Entered the Game: Say Hello to ‘WannaCry’
This post was authored by Martin Lee, Warren Mercer, Paul Rascagneres, and Craig Williams. Executive Summary A major ransomware attack has affected many organizations across across the world reportedly including Telefonica in Spain, the National Health Service in the UK, and FedEx in the US. The malware responsible for this attack is a ransomware variant known as […]