Zloader 2: The Silent Night

Avast – In this study we are considering one of Zeus's successors – Zloader 2. We’ll show how it works and its code peculiarities. We’ll present the result…

Operation Dragon Castling: APT group targeting betting companies

Avast – We recently discovered an APT campaign we are calling Operation Dragon Castling. The campaign is targeting what appears to be betting companies in South East Asia,…

Mēris and TrickBot standing on the shoulders of giants

Avast – This is the story of piecing together information and research leading to the discovery of one of the largest botnet-as-a-service cybercrime operations we’ve seen in a…

DirtyMoe: Worming Modules

Avast – The DirtyMoe malware is deployed using various kits like PurpleFox or injected installers of Telegram Messenger that require user interaction. Complementary to this deployment, one of…

Raccoon Stealer: “Trash panda” abuses Telegram

Avast – We recently came across a stealer, called Raccoon Stealer, a name given to it by its author. Raccoon Stealer uses the Telegram infrastructure to store and…

Help for Ukraine: Free decryptor for HermeticRansom ransomware

Avast – On February 24th, the Avast Threat Labs discovered a new ransomware strain accompanying the data wiper HermeticWiper malware, which our colleagues at ESET found circulating in…

Decrypted: TargetCompany Ransomware

Avast – On January 25, 2022, a victim of a ransomware attack reached out to us for help. The extension of the encrypted files and the ransom note…

Analysis of Attack Against National Games of China Systems

Avast – Introduction: On September 15, 2021 the National Games of China began in the Chinese city of Shaanxi. It is an event similar if not identical to…