BlueFox Stealer: a newcomer designed for traffers teams
This blog post on BlueFox Stealer is an extract of the “FLINT 2022-053 – BlueFox Stealer: a newcomer designed for traffers teams” report (SEKOIA.IO Flash Intelligence) sent to our clients...Read More
XDR detection engineering at scale: crafting detection rules for SecOps efficiency
Introduction In this blogpost we present SEKOIA.IO’s process to create detection rules, which first requires explaining our detection workflow as well as understanding SEKOIA.IO XDR history and specificities.Read More
PrivateLoader: the loader of the prevalent ruzki PPI service
Background Pay-Per-Install (PPI) is a malware service widely used in the cybercrime ecosystem that monetises the installation of malicious software. As generally observed, a malware operator provides a Pay-per-Install...Read More
Traffers: a deep dive into the information stealer ecosystem
Traffers are threat actors playing a key role in the augmentation of the threat surface, and more generally in non-legitimate traffic generation. SEKOIA observed hundreds of advertisements aiming at...Read More
LuckyMouse uses a backdoored Electron app to target MacOS
This blog post on LuckyMouse is an extract of the “FLINT 2022-045 – LuckyMouse uses a backdoored Electron app to target MacOS” report (SEKOIA.IO Flash Intelligence) sent to our clients...Read More
SEKOIA.IO Mid-2022 Ransomware Threat Landscape
SEKOIA.IO presents its Ransomware threat landscape for the first semester of 2022, with the following key points: Ransomware victimology – recent evolutions A busy first half of the year...Read More
Ongoing Roaming Mantis smishing campaign targeting France
This blog post on Roaming Mantis group is an extract of the “FLINT 2022-037 – Ongoing Roaming Mantis smishing campaign targeting France” report (SEKOIA.IO Flash Intelligence) sent to our clients...Read More
Vice Society: a discreet but steady double extortion ransomware group
This blog post on Vice Society ransomware group was originally published as a FLINT report (SEKOIA.IO Flash Intelligence) sent to our clients on June 29, 2022. What is Vice Society?...Read More
Raccoon Stealer v2 – Part 2: In-depth analysis
Introduction Raccoon is an information-stealing malware the likes of cryptocurrency wallet stealers such as AgentTesla, Formbook, Redline, and Vidar. In March 2022, Raccoon Team announced their temporary retirement due...Read More