CustomerLoader: a new malware distributing a wide variety of payloads
This blog post aims at presenting a technical analysis of CustomerLoader focusing on the decryption of the next-stage payloads, an overview of more than 30 known and distributed malware...Read More
Overview of the Russian-speaking infostealer ecosystem: the logs
This blog post aims at presenting the life cycle of logs, the cybercrime marketplaces dedicated to logs and the noticeable schemes recently used by threat actors to exploit the...Read More
Overview of the Russian-speaking infostealer ecosystem: the distribution
This blog post aims at presenting the main techniques, tools and social engineering schemes used by the cybercriminals from the Russian-speaking infostealer ecosystem and observed by Sekoia.io analysts in...Read More
Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part...
This blogpost is a technical analysis of Stealc infostealer, detailing different characteristics of the malware, including anti analysis, strings de-obfuscation and C2 communication techniques.Read More
Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part...
This blogpost aims at presenting the activities of the Stealc’s alleged developer, a technical analysis of the malware and its C2 communications, and how to track it.Read More
Unveiling of a large resilient infrastructure distributing information stealers
This blogpost aims at presenting the current infection chain, payloads and the whole infrastructure used to distribute infostealersRead More
Aurora: a rising stealer flying under the radar
SEKOIA.IO analysed Aurora in depth and share the results of our investigation in this article.Read More
BlueFox Stealer: a newcomer designed for traffers teams
This blog post on BlueFox Stealer is an extract of the “FLINT 2022-053 – BlueFox Stealer: a newcomer designed for traffers teams” report (Sekoia.io Flash Intelligence) sent to our clients...Read More
Traffers: a deep dive into the information stealer ecosystem
Traffers are threat actors playing a key role in the augmentation of the threat surface, and more generally in non-legitimate traffic generation. SEKOIA observed hundreds of advertisements aiming at...Read More
Ongoing Roaming Mantis smishing campaign targeting France
This blog post on Roaming Mantis group is an extract of the “FLINT 2022-037 – Ongoing Roaming Mantis smishing campaign targeting France” report (Sekoia.io Flash Intelligence) sent to our clients...Read More