<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=885880844953016&amp;ev=PageView&amp;noscript=1">
Posted by Morphisec Labs on July 5, 2021

Introduction

On July 2, 2021, Morphisec Keep, our Cloud Workload Protection Platform, successfully identified and prevented a REvil Ransomware infection within some of our customer domains. This attack was automatically blocked in real time due to Morphisec's proactive protection mechanism, which resulted in no harm to the customer.

Read More
Posted by Michael Gorelik on June 2, 2021

Introduction

In the past month, Morphisec has investigated the origin of several increasingly prevalent infostealers. These include Redline, Taurus, Tesla, and Amadey.

As part of our research, we identified pay-per-click (PPC) ads in Google’s search results that lead  to downloads of malicious AnyDesk, Dropbox and Telegram packages wrapped as ISO images.

Read More
Posted by Arnold Osipov on May 14, 2021

Intro:

The Morphisec Labs team has tracked a unique and ongoing RAT delivery campaign that started in February of this year. This campaign is unique in that it heavily uses the AutoHotKey scripting language—a fork of the AutoIt language that is frequently used for testing purposes. 

Read More
Posted by Nadav Lorber on May 7, 2021

Introduction

Morphisec has recently monitored a highly sophisticated Crypter-as-a-Service that delivers numerous RAT families onto target machines.

The Crypter is most commonly delivered through phishing emails, which lead to the download of a visual basic file. In some cases, however, the attack chain starts with a large install file, such as an Adobe installer, which bundles the next stage. 

Read More
Posted by Michael Gorelik on April 2, 2021

Introduction

The developers of the Phobos ransomware have added new fileless and evasive techniques to their arsenal. Constantly keeping their attack up to date helps them bypass detection technologies through several distinct approaches, the latest of which we detail in this blog. 

Read More
Posted by Nadav Lorber on March 16, 2021

Introduction

During 2021 Morphisec identified an increased usage of the “HCrypt” crypter. In this post, we will lockpick “HCrypt” – a crypter as a service that is marketed as a FUD (fully undetectable) loader for the client`s RAT of choice. We chose to dissect the crypter’s operations along with tracking several actors that utilize it.

Read More
Posted by Alon Groisman on March 9, 2021

Introduction

The MineBridge RAT was first identified in January 2020 by security researchers at FireEye, who observed the backdoor attacking financial institutions in the United States with some targets located in South Korea as well. MineBridge was initially classified as a C++ backdoor that was delivered via phishing campaigns. 

Read More
Posted by Michael Gorelik on February 11, 2021

Introducing egregor ransomware

Egregor is considered to be one of the most prolific ransomware threat groups. Yet it gained this reputation in a very short time due to its uncompromising double extortion methodology.

Read More
Posted by Michael Dereviashkin on February 8, 2021

Introduction

During the period between January 15 and 20, Morphisec identified a significant campaign targeting multiple German customers from the manufacturing industry. Targeted personnel were redirected to compromised websites that were, and still are, delivering advanced fileless downloaders that eventually lead to an Osiris client with a bundled mini-Tor communicating to a C2 onion Tor panel.

Read More
Posted by Nadav Lorber on February 5, 2021

Introduction

In this post, we will be covering CinaRAT loader`s evasive TTPs (tactics, techniques, and procedures) as have been identified and prevented by Morphisec’s zero-trust endpoint security solution, powered by moving target defense technology. 

Read More

Subscribe to our blog

Stay in the loop with industry insight, cyber security trends, and cyber attack information and company updates.

New call-to-action

Search Our Site

    Recent Posts

    Posts by Tag

    See all