ClipBanker | Cybersecurity | GitHub | Malware | Malware descriptions | Malware Technologies | PowerShell | Proxifier | Trojan | Windows malware
The long road to your crypto: ClipBanker and its marathon infection chain
At the start of the year,...
Credentials theft | Credit Cards | crimeware | Cybersecurity | Darknet | Data theft | Digital forensics | Financial malware | Financial threats | Grandoreiro | Infostealers | Mastercard | Maverick | Mobile Malware | Money theft | Paypal | Phishing | Phishing websites | Publications | Scam | Spam and phishing | Trojan Banker | VISA | Web threats | Windows malware
Financial cyberthreats in 2025 and the outlook for 2026
In 2025, the financial cyberthreat landscape...
CrystalX RAT | Cybersecurity | Keyloggers | Malware | Malware descriptions | Malware Technologies | Malware-as-a-Service | Prankware | RAT Trojan | spyware | Trojan | Trojan-stealer | Windows malware
A laughing RAT: CrystalX combines spyware, stealer, and prankware features
Introduction In March 2026, we discovered an...
Cybersecurity | Financial threats | Horabot | Malware | Malware descriptions | Malware Technologies | Ponteiro | SOC, TI and IR posts | Spammer techniques | The SOC files | Trojan | Trojan Banker | Windows malware
The SOC Files: Time to “Sapecar”. Unpacking a new Horabot campaign in Mexico
Introduction In this installment of our...
Boleto | Brazil | Cybersecurity | Defense evasion | DLL | Financial threats | Google Chrome | GReAT research | Internet Banking | Malware | Malware descriptions | Malware Technologies | MITM | PowerShell | shellcode | Trojan Banker | WhatsApp | Windows malware
Free real estate: GoPix, the banking Trojan living off your memory
Introduction GoPix is an advanced persistent...
Arkanix Stealer | Cybersecurity | Data theft | GReAT research | Infostealers | Malware | Malware descriptions | Malware Technologies | Malware-as-a-Service | Python | Trojan | Trojan-stealer | Unix and macOS malware | Windows malware
Arkanix Stealer: a C++ & Python infostealer
Introduction In October 2025, we discovered...
Antivirus Technologies | Cybersecurity | Incidents | Lumma | Malware | Malware descriptions | Malware Technologies | Online Games | Security technology | shellcode | Trojan-stealer | Web threats | Windows malware
The game is over: when “free” comes at too high a price. What we know about RenEngine
We often describe cases of malware...
CobaltStrike | Cybersecurity | DLL sideloading | GReAT research | Incidents | Malware | Malware descriptions | Malware Technologies | shellcode | Supply-chain attack | Windows malware
The Notepad++ supply chain attack — unnoticed execution chains and new IoCs
Introduction On February 2, 2026, the...
Supply chain attack on eScan antivirus: detecting and remediating malicious updates
On January 20, a supply chain...
APT | APT (Targeted attacks) | APT reports | Cybersecurity | Defense evasion | DNS manipulation | encryption | Evasive Panda | GReAT research | Malware | Malware descriptions | Malware Technologies | shellcode | Targeted attacks | Windows malware
Evasive Panda APT poisons DNS requests to deliver MgBot
Introduction The Evasive Panda APT group...