The Transportation sector cyber threat overview
This report aims at contextualising cyber activities targeting the transportation sector worldwide over the 2022 - 2023 period. This report is based on open source reporting and Sekoia.io observations...Read More
CustomerLoader: a new malware distributing a wide variety of payloads
This blog post aims at presenting a technical analysis of CustomerLoader focusing on the decryption of the next-stage payloads, an overview of more than 30 known and distributed malware...Read More
Overview of the Russian-speaking infostealer ecosystem: the logs
This blog post aims at presenting the life cycle of logs, the cybercrime marketplaces dedicated to logs and the noticeable schemes recently used by threat actors to exploit the...Read More
Overview of the Russian-speaking infostealer ecosystem: the distribution
This blog post aims at presenting the main techniques, tools and social engineering schemes used by the cybercriminals from the Russian-speaking infostealer ecosystem and observed by Sekoia.io analysts in...Read More
The Energy sector 2022 cyber threat landscape
This report is a joint CITALID and SEKOIA.IO analysis pertaining to cyber activities targeting the energy sector in 2022 in Europe. It is based on open sources reports and...Read More
Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part...
This blogpost is a technical analysis of Stealc infostealer, detailing different characteristics of the malware, including anti analysis, strings de-obfuscation and C2 communication techniques.Read More
Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part...
This blogpost aims at presenting the activities of the Stealc’s alleged developer, a technical analysis of the malware and its C2 communications, and how to track it.Read More
SEKOIA.IO Ransomware Threat Landscape – second-half 2022
This blogpost aims at analysing and highlighting trends within the ransomware ecosystem in the second half of 2022Read More
Raspberry Robin’s botnet second life
As many botnets and worms, SEKOIA.IO analysts demonstrate through this article that Raspberry Robin can be repurposed by other threat actors to deploy their own implants.Read More
Unveiling of a large resilient infrastructure distributing information stealers
This blogpost aims at presenting the current infection chain, payloads and the whole infrastructure used to distribute infostealersRead More