DirtyMoe: Worming Modules

Avast –  Avast –  The DirtyMoe malware is deployed using various kits like PurpleFox or injected installers of Telegram Messenger that require user interaction. Complementary to this deployment, one of…

Avast Q3’21 Threat Report

Avast –  Avast –  Latest Avast Q3’21 Threat Report reveals elevated risk for ransomware and RAT attacks, rootkits and exploit kits return. Foreword The threat landscape is a fascinating environment…

DirtyMoe: Deployment

Avast –  Avast –  Database Connection Issue Sorry, this page can’t be reached because of a database connection issue. If this is your website, you can read more about the…

DirtyMoe: Code Signing Certificate

Avast –  Avast –  Abstract The DirtyMoe malware uses a driver signed with a revoked certificate that can be seamlessly loaded into the Windows kernel. Therefore, one of the goals…

DirtyMoe Botnet Returns With Undetectable Threat Profile

Security Intelligence – Security Intelligence – DirtyMoe Botnet Returns With Undetectable Threat Profile The malware botnet known as DirtyMoe has been around since at least 2016, but its newest version…

DirtyMoe: Rootkit Driver

Avast –  Avast –  Abstract In the first post DirtyMoe: Introduction and General Overview of Modularized Malware, we have described one of the complex and sophisticated malware called DirtyMoe. The…

DirtyMoe: Introduction and General Overview of Modularized Malware

Avast –  Avast –  The rising price of the cryptocurrency has caused a skyrocketing trend of malware samples in the wild. DDoS attacks go hand in hand with the mining…