Malware

Malware / Most Viewed

An Unnatural .Bond: A Study of a ‘Megacluster’ of Malware Domains

Jul 23, 2024

A recent news story, following research from security provider Infoblox, highlighted the case of the 'Revolver Rabbit' cybercriminal gang, who have registered more than half-a-million domains to be used for the distribution of information-stealing malware. The gang make use of automated algorithms to register their domains, but unlike the long, pseudo-random ('high entropy') domain names frequently associated with such tools, the Revolver Rabbit domains instead tend to consist of hyphen-separated dictionary words (presumably so as to obfuscate their true purpose), with a string of digits at the end. more

Industry Updates

Hunting for TimbreStealer Malware Artifacts in the DNS

A Peek at the PikaBot Infrastructure

A Log4Shell Malware Campaign in the DNS Spotlight

Unveiling Stealthy WailingCrab Aided by DNS Intelligence

DNS Abuse and Redirection: Enough for a New JS Malware to Hide Behind?

Decoy Dog, Too Sly to Leave DNS Traces?

A DNS Deep Dive Into Malware Crypting

A DNS Deep Dive: That VPN Service May Be OpcJacker in Disguise

SocGholish IoCs and Artifacts: Tricking Users to Download Malware

Malware Persistence versus Early Detection: AutoIT and Dridex IoC Expansion Analysis

A Call for Help May Lead to Malware: BazarCall IoC Analysis and Expansion

Eternity’s LilithBot, Soon Available to Regular Internet Users?

Alleviating BlackEnergy-Enabled DDoS Attacks

GALLIUM APT Group and Other Threat Actors in Disguise

Both Aged and New Domains Play a Role in the NDSW/NDSX Malware Campaign

View More