Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs
We discovered an active campaign targeting Eastern Europeans in the cryptocurrency industry using fake job lures. Read More HERE…
Trend Micro Research : Research
Earth Zhulong: Familiar Patterns Target Vietnam
In 2022, we discovered Earth Zhulong, a hacking group that has been targeting Vietnam’s telecom, technology, and media sectors similar to another well-known threat actor. In this article, we unravel their new tactics, techniques and procedures that they apply on their misdeeds. Read More HERE…
Earth Zhulong: Familiar Patterns Target Southeast Asian Firms
In 2022, we discovered Earth Zhulong, a hacking group that has been targeting Asian firms similar to another well-known threat actor. In this article, we unravel their new tactics, techniques and procedures that they apply on their misdeeds. Read More HERE…
Hijacking Your Bandwidth: How Proxyware Apps Open You Up to Risk
In this investigation, we analyzed several prominent “passive income” applications and found out that there may be security risks upon participating in these programs. Read More HERE…
What SOCs Need to Know About Water Dybbuk, A BEC Actor Using Open-Source Toolkits
We analyze a BEC campaign targeting large companies around the world that was leveraging open-source tools to stay under the radar. Read More HERE…
New Mimic Ransomware Abuses Everything APIs for its Encryption Process
Trend Micro researchers discovered a new ransomware that abuses the APIs of a legitimate tool called Everything, a Windows filename search engine developed by Voidtools that offers quick searching and real-time updates for minimal resource usage. Read More HERE…
Vice Society Ransomware Group Targets Manufacturing Companies
In this blog entry, we’d like to highlight our findings on Vice Society, which includes an end-to-end infection diagram that we were able to create using Trend Micro internal telemetry. Read More HERE…
“Payzero” Scams and The Evolution of Asset Theft in Web3
In this entry, we discuss a Web3 fraud scenario where scammers target potential victims via fake smart contracts, and then take over their digital assets, such as NFT tokens, without paying. We named this scam “Payzero”. Read More HERE…
Batloader Malware Abuses Legitimate Tools, Uses Obfuscated JavaScript Files in Q4 2022 Attacks
We discuss the Batloader malware campaigns we observed in the last quarter of 2022, including our analysis of Water Minyades-related events (This is the intrusion set we track behind the creation of Batloader). Read More HERE…