Search
Keyword: trojhybrisp33
A spam campaign called the Love Letter has been discovered by security researchers. It is used in the delivery and distribution of the Nemty ransomware while disguising itself to appear like it is a
An observable spike of spam samples attempting to phish Wells Fargo users in June 2020. This spam campaign unusually uses .ICS files as attachments. These samples lure the recipient into opening the
A new wave of bitcoin extortion spam is making its way to educational institutions. Written in Filipino, it contains a threatening message depicting how the scammer was able to hack the victim's
While the pandemic continues to affect millions of lives, spammers have continued to use COVID-19 as subject to lure recipients. In a campaign we have observed from March to June 2020, spammers aimed
Since the start of April, we have observed numerous spam emails written in different languages. These spam messages claim that the user's invoice is attached in the mail. The attachment is a
We recently observed a spam email making the rounds with the subject 'SHIPPED ORDER INCORRECT.' The spammed message purports to be a shipping order notification from a known courier delivery service
We have observed a recent spike in spam in Russian language. The spammed message delivers a SHADE ransomware variant via embedded link in the attached .PDF. Upon investigation, this campaign used
Cryptocurrency is the hot new topic nowadays, so it's no surprise that cybercriminals will start to use it as a way to get users to click on their malicious spam mail. For the past few days, we have
<div style="border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; margin-top: 0px; margin-right: 0p
Related to TSPY_ZBOT.BSN
This is the site where PE_SALITY.RL downloads other malicious files.
TSPY_ZBOT.CDM connects to this URL to download its configuration file.
TROJ_TRACUR.SMDI accesses this URL to download updates or other possibly malicious files.
TSPY_ZBOT.ZBJ sends the stolen information to this URL.
TSPY_ZBOT.ZBI accesses this URL to download its configuration file.
TSPY_ZBOT.ZBI accesses this URL to download its configuration file.
TSPY_ZBOT.KXC sends the gathered information via HTTP POST to this URL.
TSPY_ZBOT.BRG arrives as a file downloaded from this URL.
HTML_REDIR.FH redirects browsers to this site.
TSPY_ZBOT.ABE may be downloaded from this URL.