<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=885880844953016&amp;ev=PageView&amp;noscript=1">
Posted by Morphisec Labs on September 22, 2022

A non-fungible token (NFT) is a record on a blockchain associated with a digital or physical asset—usually a digital file such as a photo, video, or audio. An NFT’s ownership is recorded in the blockchain, and it can be sold and traded. NFTs differ...

Read More
Posted by Hido Cohen & Arnold Osipov on August 11, 2022

The DoNot Team (a.k.a APT-C-35) are advanced persistent threat actors who’ve been active since at least 2016. They’ve targeted many attacks against individuals and organizations in South Asia. DoNot are reported to be the main developers and users...

Read More
Posted by Morphisec Labs on July 6, 2022

To help protect the public, Morphisec Labs constantly monitors, investigates, and assesses the latest threats to help organizations avoid serious consequences. In recent months, threats involving infostealers have escalated. This report analyzes six...

Read More
Posted by Hido Cohen on May 12, 2022

With 50% more users last year than in 2020, the number of people using the community chat platform Discord is growing at a blistering pace. This has led cybercriminals to refine and expand malicious attack use cases for the platform. In this threat...

Read More
Posted by Arnold Osipov on March 29, 2022

The Morphisec Labs team has conducted research on the new Mars infostealer. Mars is based on the older Oski Stealer and was first discovered in June 2021. The new Mars is available for sale on several underground forums and is reported to be under...

Read More
Posted by Hido Cohen & Arnold Osipov on February 14, 2022

With examples changing hands for up to $69 million, hosting digital content on blockchain and selling it to investors has become one of the most lucrative things creators can do. And as rock stars, international artists, and even politicians keep...

Read More
Posted by Michael Dereviashkin on January 25, 2022

Morphisec, through its breach prevention with Moving Target Defense technology, has identified a new, sophisticated campaign delivery which has been successfully evading the radar of many security vendors. Through a simple email phishing tactic...

Read More
Posted by Hido Cohen & Arnold Osipov on November 23, 2021

 

The cryptocurrency market is now worth more than $2.5 trillion. Unfortunately, this fact is not lost on threat actors. As well as using cryptocurrency themselves to extract ransoms, cybercriminals are now also tailoring malware to exploit the...

Read More
Posted by Hido Cohen & Michael Dereviashkin on October 28, 2021
  • The Go language is becoming increasingly popular among threat actors, with attacks starting to appear in 2019
  • Morphisec Labs has tracked a new Golang-based (1.17) ransomware variant that appeared starting in late September and continued...
Read More
Posted by Arnold Osipov on October 14, 2021
  • Morphisec Labs tracked a new MirrorBlast campaign targeting financial services organizations 
  • MirrorBlast is delivered via a phishing email that contains malicious links which download a weaponized Excel document
  • MirrorBlast has low detections on...
Read More
Posted by Nadav Lorber on September 21, 2021

In 2020, Morphisec introduced the Jupyter infostealer, a .NET attack that primarily targets Chromium, Firefox, and Chrome browser data while also maintaining the additional capabilities of a backdoor. 

Read More
Posted by Morphisec Labs on July 5, 2021

Introduction

On July 2, 2021, Morphisec Keep, our Cloud Workload Protection Platform, successfully identified and prevented a REvil Ransomware infection within some of our customer domains. This attack was automatically blocked in real time due to...

Read More
Posted by Michael Gorelik on June 2, 2021

In the past month, Morphisec has investigated the origin of several increasingly prevalent infostealers. These include Redline, Taurus, Tesla, and Amadey.

As part of our research, we identified pay-per-click (PPC) ads in Google’s search results that...

Read More
Posted by Arnold Osipov on May 14, 2021

Intro:

The Morphisec Labs team has tracked a unique and ongoing RAT delivery campaign that started in February of this year. This campaign is unique in that it heavily uses the AutoHotKey scripting language—a fork of the AutoIt language that is...

Read More
Posted by Nadav Lorber on May 7, 2021

Morphisec has recently monitored a highly sophisticated Crypter-as-a-Service that delivers numerous RAT families onto target machines.

The Crypter is most commonly delivered through phishing emails, which lead to the download of a visual basic...

Read More
Posted by Michael Gorelik on April 2, 2021

The developers of the Phobos ransomware have added new fileless and evasive techniques to their arsenal. Constantly keeping their attack up to date helps them bypass detection technologies through several distinct approaches, the latest of which we...

Read More
Posted by Nadav Lorber on March 16, 2021

During 2021 Morphisec identified an increased usage of the “HCrypt” crypter. In this post, we will lockpick “HCrypt” – a crypter as a service that is marketed as a FUD (fully undetectable) loader for the client`s RAT of choice. We chose to dissect...

Read More
Posted by Alon Groisman on March 9, 2021

The MineBridge RAT was first identified in January 2020 by security researchers at FireEye, who observed the backdoor attacking financial institutions in the United States with some targets located in South Korea as well. MineBridge was initially...

Read More
Posted by Michael Gorelik on February 11, 2021

Introducing egregor ransomware

Egregor is considered to be one of the most prolific ransomware threat groups. Yet it gained this reputation in a very short time due to its uncompromising double extortion methodology.

Read More
Posted by Michael Dereviashkin on February 8, 2021

During the period between January 15 and 20, Morphisec identified a significant campaign targeting multiple German customers from the manufacturing industry. Targeted personnel were redirected to compromised websites that were, and still are,...

Read More

Subscribe to our blog

Stay in the loop with industry insight, cyber security trends, and cyber attack information and company updates.

New call-to-action

Search Our Site

    Recent Posts