Threats Archives – Gridinsoft Blog

Docker API Vulnerability Exploited in Cryptojacking Campaign

"Commando Cat" Cryptojacking Campaign Targets Vulnerable Docker APIs

A new campaign named “Commando Cat” uses a Docker API vulnerability. It uses Docker to gain initial access to a system and then deploys a series of malicious payloads. This leads to cryptocurrency mining on compromised hosts. Docker API Vulnerability Exploited Investigators have discovered a new malware campaign aimed at Docker API endpoints. The malware… Continue reading Docker API Vulnerability Exploited in Cryptojacking Campaign

Mispadu Banking Trojan Exploits SmartScreen Flaw

One more malware family makes use of CVE-2023-36025

Recent research uncovers a new sample of Mispadu malware that uses a SmartScreen bypass flaw to integrate itself into the system. This banking trojan from 2019 uses the vulnerability discovered in late 2023 to target mainly LATAM users. Mispadu Trojan Uses SmartScreen Bypass The extensive research regarding Mispadu malware done by Unit 42, among other… Continue reading Mispadu Banking Trojan Exploits SmartScreen Flaw

CrackedCantil Dropper Delivers Numerous Malware

CrackedCantil is a versatile dropper malware, capable of unleashing multiple malicious payloads.

CrackedCantil is a unique dropper malware sample that operates with a wide variety of malware families. Infecting with one may effectively mean up to five other malware types running in the system. Let’s break down on what it is, how it spreads, and why it is so dangerous. What is CrackedCantil? CrackedCantil is a dropper… Continue reading CrackedCantil Dropper Delivers Numerous Malware

What is a Bootkit? Explanation & Protection Guide

Bootkit one of the most hidden types of malware, despite being one of the most potent and severe ones

Bootkit is a rather unusual and unspoken, though widely used kind of malware. These advanced malware types operate beneath the surface, embedding themselves in a computer’s boot sector, allowing them to activate before the operating system (OS) even starts. But why do they need such a deep integration? And where are they used? Let’s find… Continue reading What is a Bootkit? Explanation & Protection Guide

Novice FBot Stealer Targets Cloud Services

Emerging FBot stealer, a beginner's tool, targets cloud platforms, exploiting vulnerabilities for data theft.

Researchers report about a new malware strain dubbed FBot. This Python-based malicious program appears to be a unique tool in cybercriminals’ arsenal. Its uniqueness is due to its targeting of web and cloud services. Deeper analysis reveals that it was potentially made for a specific cybercrime group or for the use in specific attacks. FBot… Continue reading Novice FBot Stealer Targets Cloud Services

AzorUlt Stealer Is Back In Action, Uses Email Phishing

Once-forgotten malware is back in business

Cybersecurity experts have stumbled upon the eight-year-old Azorult malware. This malware steals information and collects sensitive data, and has been down since late 2021. But will the old dog keep up to new tricks? Azorult Malware Resurfaces After 2 Years A recent research in the cyber threat landscape has brought to light concerning news about… Continue reading AzorUlt Stealer Is Back In Action, Uses Email Phishing

Remcos RAT Targets South Korean Users Through Webhards

A new wave of Remcos RAT spreading targets people from South Korea

An infamous Remcos RAT reportedly started targeting South Korean users through the files shared on Webhards platform. By baiting users with cracked software and adult content, hackers manage to install a malicious script that in turn downloads and runs the dangerous remote access trojan. Remcos RAT Uses Webhards to Spread Recent research of South Korean… Continue reading Remcos RAT Targets South Korean Users Through Webhards

SMTP Smuggling is a New Threat to Email Security

A new exploitation technique known as SMTP smuggling has emerged, which can be maliciously utilized as a weapon.

A new SMTP Smuggling technique reportedly has the potential to bypass existing security protocols. Also it can enable attackers to send spoofed emails from seemingly legitimate addresses. This may breathe new life into email spam, despite its efficiency not decreasing throughout the last time. What is SMTP Smuggling? SMTP smuggling is a novice exploitation technique… Continue reading SMTP Smuggling is a New Threat to Email Security

Seven Common Types of Malware – Analysis & Description

Being aware of the types of malware is key to protecting your devices and systems from potential cyberattacks.

In the intricate landscape of cybersecurity, comprehending the various forms of malware is crucial. This article offers an in-depth look at the most pervasive malware types, from Loaders to Keyloggers. We’ll explore their mechanisms, impacts, and how they compromise digital security, providing you with the knowledge to better safeguard against these ever-evolving cyber threats. Let’s… Continue reading Seven Common Types of Malware – Analysis & Description

PUABundler:Win32/PiriformBundler

PiriformBundler is a detection name for software developed by Piriform

PUABundler:Win32/PiriformBundler is the detection of an unwanted program, developed and issued by Piriform Software. While applications from this developer aren’t inherently malicious, the bundled software they carry and their questionable behavior make them less than desirable. What is PUABundler:Win32/PiriformBundler? PiriformBundler is a detection name for unwanted software developed by Piriform. Microsoft assigns such names to… Continue reading PUABundler:Win32/PiriformBundler