Ignacio Sanmillan, Author at Intezer
[contact-form-7 404 "Not Found"]

Blog

Cybersecurity DNA

ACBackdoor: Analysis of a New Multiplatform Backdoor

18 Nov 2019
Introduction We have discovered an undetected Linux backdoor which does not have any known connections to other threat groups. VirusTotal detection rate...
By Ignacio Sanmillan

Watching the WatchBog: New BlueKeep Scanner and Linux Exploits

24 Jul 2019
  Overview We have discovered a new version of WatchBog—a cryptocurrency-mining botnet operational since late 2018—that we suspect has compromised more than 4,500...
By Ignacio Sanmillan

How We Seized 15 Active Ransomware Campaigns Targeting Linux File Storage Servers

10 Jul 2019
  Introduction It is rare to see ransomware being used to target the Linux operating system. However, cyber criminals seem to adapt...
By Ignacio Sanmillan

HiddenWasp Malware Stings Targeted Linux Systems

29 May 2019
  Overview • Intezer has discovered a new, sophisticated malware that we have named “HiddenWasp”, targeting Linux systems. • The malware is...
By Ignacio Sanmillan

Technical Analysis: Pacha Group Competing against Rocke Group for Cryptocurrency Mining Foothold on the Cloud

09 May 2019
Pacha Group is a crypto-mining threat actor we at Intezer discovered and profiled in a blog post published on February 28, 2019....
By Ignacio Sanmillan

Technical Analysis: Pacha Group Deploying Undetected Cryptojacking Campaigns on Linux Servers

28 Feb 2019
Introduction Cryptomining malware, also known as cryptojacking or cryptocurrency mining malware, refers to software developed to take over a computer’s resources and...
By Ignacio Sanmillan

ChinaZ Revelations: Revealing ChinaZ Relationships with other Chinese Threat Actor Groups

07 Jan 2019
Introduction Distributed denial-of-service (DDoS) attacks were on the rise in 2018, ranging from a high volume of Mirai attacks to more sophisticated...
By Ignacio Sanmillan

Muhstik Botnet Reloaded: New Variants Targeting phpMyAdmin Servers

12 Nov 2018
The Muhstik botnet was first exposed by Netlab360 researchers in May 2018. This botnet targeted mainly GPON routers. At Intezer we found that Muhstik is extending its spectrum...
By Ignacio Sanmillan

Intezer Analyze™ ELF Support Release: Hakai Variant Case Study

30 Aug 2018
ELF SUPPORT We would like to proudly announce that Intezer Analyze™ now supports genetic malware analysis for ELF binaries! You may now...
By Ignacio Sanmillan

Executable and Linkable Format 101 Part 3: Relocations

23 Apr 2018
In our previous post, we went through the concept of symbols and their functionality. In this post we will introduce the concept...
By Ignacio Sanmillan

Executable and Linkable Format 101. Part 2: Symbols

07 Feb 2018
In our previous post, we focused on understanding the relationship between sections and segments, which serve as the foundation for understanding the...
By Ignacio Sanmillan

Executable and Linkable Format 101 - Part 1 Sections and Segments

02 Jan 2018
Introduction This marks the first of several blog posts that will focus on Executable and Linkable Format (ELF) files. In this series,...
By Ignacio Sanmillan

Popular Posts

Categories

© Intezer.com 2019 All rights reserved