Ransomware
Intezer Analyze community roundup
Maze ransomware, APT41 and Lazarus highlight this month’s community samples 1. More_eggs variant with low Antivirus detections has modified string encoding mechanisms...
Intezer Featured in IBM X-Force Threat Index
Banking trojans and ransomware were the top innovators in 2019 malware code evolution Drawing on previous IBM X-Force collaboration in detecting new...
PureLocker: New Ransomware-as-a-Service Being Used in Targeted Attacks Against Servers
Analysis by Intezer and IBM X-Force points its origins to a Malware-as-a-Service (MaaS) provider utilized by the Cobalt Gang and FIN6 attack...
Russian Cybercrime Group FullofDeep Behind QNAPCrypt Ransomware Campaigns
Introduction We previously reported on how we managed to temporarily shut down 15 operative QNAPCrypt ransomware campaigns targeting Linux-based file storage systems...
Why we Should be Paying More Attention to Linux Threats
In a previous post we wrote for the Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC), we discussed the emergence of...
Intezer Analyze Community: GonnaCry, HawkEye, BXAQ and More
In July, Intezer Analyze community detections included GonnaCry ransomware, the HawkEye malware kit, and BXAQ, the spyware that Chinese authorities have been...
Intezer Analyze Community: Mapping Code Connections Between Malware Samples
In addition to highlighting five notable file uploads and endpoint scans made by our community users each month, I thought it was...
How We Seized 15 Active Ransomware Campaigns Targeting Linux File Storage Servers
Introduction It is rare to see ransomware being used to target the Linux operating system. However, cyber criminals seem to adapt...
Top Five Community Uploads | April 2019
This month’s Intezer Analyze community findings include malware employed by two cyber espionage groups linked to the Russian government and an endpoint...
Iron Cybercrime Group Under The Scope
In April 2018, while monitoring public data feeds, we noticed an interesting and previously unknown backdoor using HackingTeam’s leaked RCS source code....