A Deep Dive into the Evolution of Ransomware Part 3
This 3-part blog series takes an in-depth look at the evolution of ransomware business models, from the early stages to current trends. Read More HERE…
Trend Micro Research : Research
A Deep Dive into the Evolution of Ransomware Part 2
This 3-part blog series takes an in-depth look at the evolution of ransomware business models, from the early stages to current trends. Read More HERE…
Investigating the PlugX Trojan Disguised as a Legitimate Windows Debugger Tool
Trend Micro’s Managed Extended Detection and Response (MxDR) team discovered that a file called x32dbg.exe was used to sideload a malicious DLL we identified as a variant of PlugX. Read More HERE…
A Deep Dive into the Evolution of Ransomware Part 1
This 3-part blog series takes an in-depth look at the evolution of ransomware business models, from the early stages to current trends. Read More HERE…
Royal Ransomware expands attacks by targeting Linux ESXi servers
Ransomware actors have been observed to expand their targets by increasingly developing Linux-based versions. Royal ransomware is following in the same path, a new variant targeting Linux systems emerged and we will provide a technical analysis on this variant in this blog. Read More HERE…
Earth Kitsune Delivers New WhiskerSpy Backdoor via Watering Hole Attack
We discovered a new backdoor which we have attributed to the advanced persistent threat actor known as Earth Kitsune, which we have covered before. Since 2019, Earth Kitsune has been distributing variants of self-developed backdoors to targets, primarily individuals who are interested in North Korea. Read More HERE…
Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs
We discovered an active campaign targeting Eastern Europeans in the cryptocurrency industry using fake job lures. Read More HERE…
Earth Zhulong: Familiar Patterns Target Vietnam
In 2022, we discovered Earth Zhulong, a hacking group that has been targeting Vietnam’s telecom, technology, and media sectors similar to another well-known threat actor. In this article, we unravel their new tactics, techniques and procedures that they apply on their misdeeds. Read More HERE…
Earth Zhulong: Familiar Patterns Target Southeast Asian Firms
In 2022, we discovered Earth Zhulong, a hacking group that has been targeting Asian firms similar to another well-known threat actor. In this article, we unravel their new tactics, techniques and procedures that they apply on their misdeeds. Read More HERE…
Hijacking Your Bandwidth: How Proxyware Apps Open You Up to Risk
In this investigation, we analyzed several prominent “passive income” applications and found out that there may be security risks upon participating in these programs. Read More HERE…