Anubis

July 2023’s Most Wanted Malware: Remote Access Trojan (RAT) Remcos Climbs to Third Place while Mobile Malware Anubis Returns to Top Spot

Retrieved on: Wednesday, August 9, 2023

Researchers found that Remcos moved to third place after threat actors created fake websites last month to spread malicious downloaders carrying the RAT.

Key Points: 
  • Meanwhile, mobile banking Trojan Anubis knocked relative newcomer SpinOk from top spot on the mobile malware list, and Education/Research was the most impacted industry.
  • Remcos is a RAT first seen in the wild in 2016 and is regularly distributed through malicious Microsoft documents or downloaders.
  • Last month Anubis took first place in the most prevalent Mobile malware, followed by SpinOk and AhMyth.

May 2023’s Most Wanted Malware: New Version of Guloader Delivers Encrypted Cloud-Based Payloads

Retrieved on: Friday, June 9, 2023

Researchers reported on a new version of shellcode-based downloader GuLoader, which was the fourth most prevalent malware last month.

Key Points: 
  • With fully encrypted payloads and anti-analysis techniques, the latest form can be stored undetected in well-known public cloud services, including Google Drive.
  • The payloads are fully encrypted and stored undetected in renowned public cloud services, including Google Drive.
  • It has recently been seen abusing a dynamic link library (DLL) hijacking flaw in the Windows 10 WordPad program to infect computers.

Cubic Demonstrates Actionable Intelligence Solutions at GEOINT 2023 Symposium

Retrieved on: Friday, May 19, 2023

Cubic Mission and Performance Solutions (CMPS) will showcase actionable intelligence solutions from the edge to the enterprise at the Geospatial Intelligence (GEOINT) 2023 Symposium, May 22 to 24 at America’s Center Convention Complex in St. Louis, Missouri.

Key Points: 
  • Cubic Digital Intelligence provides secure full-motion video and geospatial solutions to transform the intelligence ecosystem into a capability advantage.
  • “We’re looking forward to demonstrating our deployed and trusted edge solutions that enable data-centric operations.”
    Visit Cubic Mission and Performance Solutions in Booth #1102.
  • Top executives will be on-site to demonstrate solutions that include edge computing and networking, geospatial intelligence and tracking terminal solutions.

April 2023’s Most Wanted Malware: Qbot Launches Substantial Malspam Campaign and Mirai Makes its Return

Retrieved on: Thursday, May 11, 2023

Last month, researchers uncovered a substantial Qbot malspam campaign distributed through malicious PDF files attached to emails seen in multiple languages.

Key Points: 
  • Researchers found instances of the malspam being sent in multiple different languages, which means organizations can be targeted worldwide.
  • Last month also saw the return of Mirai, one of the most popular IoT malware families.
  • This latest campaign follows an extensive report published by Check Point Research (CPR) on the prevalence of IoT attacks.

Cubic Demonstrates Mission-Driven Multi-Domain Solutions at SOF Week 2023

Retrieved on: Monday, May 1, 2023

Cubic Mission and Performance Solutions (CMPS) will showcase decision-making at the edge solutions at the Special Operations Forces (SOF) Week event May 9–11 at the Tampa Convention Center in Tampa, Florida.

Key Points: 
  • Join us at SOF Week to learn how Cubic's portfolio of complementary capabilities accelerates the decision advantage at the edge.
  • “Our commitment is to deliver trusted capabilities to the warfighter that enable data-centric, multi-domain operations.”
    Visit Cubic Mission and Performance Solutions in Exhibitor Booth #1605 and the Embassy Suites, Skyway Meeting Rooms at SOF Week.
  • Expanding beyond Cubic’s SOF Week exhibition booth, the company will be supporting the Task Force Dagger Special Operations Foundation by presenting the Annual SOF Online Auction and Raffle on May 9.

March 2023’s Most Wanted Malware: New Emotet Campaign Bypasses Microsoft Blocks to Distribute Malicious OneNote Files

Retrieved on: Monday, April 10, 2023

Last month, researchers uncovered a new malware campaign for Emotet Trojan, which rose to become the second most prevalent malware last month.

Key Points: 
  • As reported earlier this year, Emotet attackers have been exploring alternative ways to distribute malicious files since Microsoft announced it would block macros in Office files.
  • In the latest campaign, the attackers have adopted a new strategy of sending spam emails containing a malicious OneNote file.
  • The attackers then use the gathered information to expand the reach of the campaign and facilitate future attacks.

February 2023’s Most Wanted Malware: Remcos Trojan Linked to Cyberespionage Operations Against Ukrainian Government

Retrieved on: Thursday, March 9, 2023

Meanwhile, Emotet Trojan and Formbook Infostealer climbed the ranking taking second and third place respectively, while Education/Research remained the most targeted industry.

Key Points: 
  • The ongoing attacks are believed to be linked to cyberespionage operations due to the behavior patterns and offensive capabilities of the incidents.
  • However, the latest campaign used a more traditional route of attack, using phishing scams to obtain user information and extract data.
  • It’s important that all organizations and government bodies follow safe security practices when receiving and opening emails.

January 2023’s Most Wanted Malware: Infostealer Vidar Makes a Return while Earth Bogle njRAT Malware Campaign Strikes

Retrieved on: Monday, February 13, 2023

In January, infostealer Vidar was seen spreading through fake domains claiming to be associated with remote desktop software company AnyDesk.

Key Points: 
  • Researchers also identified a major campaign dubbed Earth Bogle delivering the njRAT malware to targets across the Middle East and North Africa.
  • njRAT came in at number ten on the top malware list, having dropped off after September 2022.
  • “Once again, we’re seeing malware groups use trusted brands to spread viruses, with the aim of stealing personal identifiable information.

December 2022’s Most Wanted Malware: Glupteba Entering Top Ten and Qbot in First Place

Retrieved on: Friday, January 13, 2023

Last month saw Glupteba Malware, an ambitious blockchain-enabled Trojan botnet, return to the top ten list for the first time since July 2022, moving into eighth place.

Key Points: 
  • Although Google managed to cause major disruption to Glupteba operations in December 2021, it seems to have sprung back into action.
  • This means that a Glupteba infection could lead to a ransomware infection, data breach, or other security incidents.
  • Glupteba is also designed to steal user credentials and session cookies from infected machines.