Browser Plugins | Cybersecurity | Malware descriptions | Malware Technologies | Microsoft Windows | Miner | Phishing | Piracy | RAT Trojan | SilentCryptoMiner | Windows malware | XMRig
Pirates in the crosshairs: how one cybercrime gang has been infecting book, movie, and TV show fans for years
Introduction In late April 2026, a...
APT | APT (Targeted attacks) | APT reports | Backdoor | Cloud Atlas | Cybersecurity | Malware descriptions | Malware Technologies | Microsoft Windows | Phishing | PowerShell | SSH | Targeted attacks | Windows malware
Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload
In 2025, we observed pervasive SSH...
APT | APT (Targeted attacks) | APT reports | Cybersecurity | GReAT research | Malware | Malware descriptions | Malware Technologies | OceanLotus | Python | Supply-chain attack | Targeted attacks | ZiChatBot
OceanLotus suspected of using PyPI to deliver ZiChatBot malware
Introduction Through our daily threat hunting,...
ABCDoor | APT | APT (Targeted attacks) | APT reports | Backdoor | Cybersecurity | GReAT research | Malware | Malware descriptions | Malware Technologies | RAT | RustSL | Silver Fox | Spam and phishing | Spear phishing | Targeted attacks | Trojan | ValleyRAT
Silver Fox uses the new ABCDoor backdoor to target organizations in Russia and India
In December 2025, we detected a...
Brazil | Cybersecurity | Data theft | DLL | DLL sideloading | encryption | Financial malware | Financial threats | GReAT research | Internet Banking | Malware | Malware descriptions | Malware Technologies | Obfuscation | RAT | RAT Trojan | Windows malware
JanelaRAT: a financial threat targeting users in Latin America
Background JanelaRAT is a malware family...
ClipBanker | Cybersecurity | GitHub | Malware | Malware descriptions | Malware Technologies | PowerShell | Proxifier | Trojan | Windows malware
The long road to your crypto: ClipBanker and its marathon infection chain
At the start of the year,...
CrystalX RAT | Cybersecurity | Keyloggers | Malware | Malware descriptions | Malware Technologies | Malware-as-a-Service | Prankware | RAT Trojan | spyware | Trojan | Trojan-stealer | Windows malware
A laughing RAT: CrystalX combines spyware, stealer, and prankware features
Introduction In March 2026, we discovered an...
Apple | Apple iOS | APT | APT (Targeted attacks) | Cybersecurity | encryption | Exploit Kits | GReAT research | Malware descriptions | Mobile Malware | Mobile threats | Safari | Triangulation | Vulnerabilities and exploits | Zero-day vulnerabilities
Coruna: the framework used in Operation Triangulation
Introduction On March 4, 2026, Google...
Cybersecurity | Financial threats | Horabot | Malware | Malware descriptions | Malware Technologies | Ponteiro | SOC, TI and IR posts | Spammer techniques | The SOC files | Trojan | Trojan Banker | Windows malware
The SOC Files: Time to “Sapecar”. Unpacking a new Horabot campaign in Mexico
Introduction In this installment of our...
Boleto | Brazil | Cybersecurity | Defense evasion | DLL | Financial threats | Google Chrome | GReAT research | Internet Banking | Malware | Malware descriptions | Malware Technologies | MITM | PowerShell | shellcode | Trojan Banker | WhatsApp | Windows malware
Free real estate: GoPix, the banking Trojan living off your memory
Introduction GoPix is an advanced persistent...