CustomerLoader: a new malware distributing a wide variety of payloads
This blog post aims at presenting a technical analysis of CustomerLoader focusing on the decryption of the next-stage payloads, an overview of more than 30 known and distributed malware...Read More
Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part...
This blogpost is a technical analysis of Stealc infostealer, detailing different characteristics of the malware, including anti analysis, strings de-obfuscation and C2 communication techniques.Read More
Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part...
This blogpost aims at presenting the activities of the Stealc’s alleged developer, a technical analysis of the malware and its C2 communications, and how to track it.Read More
Raspberry Robin’s botnet second life
As many botnets and worms, SEKOIA.IO analysts demonstrate through this article that Raspberry Robin can be repurposed by other threat actors to deploy their own implants.Read More
Traffers: a deep dive into the information stealer ecosystem
Traffers are threat actors playing a key role in the augmentation of the threat surface, and more generally in non-legitimate traffic generation. SEKOIA observed hundreds of advertisements aiming at...Read More
Ongoing Roaming Mantis smishing campaign targeting France
This blog post on Roaming Mantis group is an extract of the “FLINT 2022-037 – Ongoing Roaming Mantis smishing campaign targeting France” report (Sekoia.io Flash Intelligence) sent to our clients...Read More
Raccoon Stealer v2 – Part 2: In-depth analysis
This blog post is a technical analysis of the new Raccoon Stealer 2.0 stand-alone version. Authors have announced that the malware is also available in a DLL format or...Read More
Raccoon Stealer v2 – Part 1: The return of the dead
Raccoon Stealer was one of the most prolific information stealers in 2021, being used by multiple cybercriminal actors. Due to its wide stealing capabilities, the customizability of the malware...Read More
Mars, a red-hot information stealer
lang: en_US Mars Stealer is an information stealer sold on underground forums by MarsTeam since June 22, 2021, with the malware-as-a-service model. The malware capabilities are those of a...Read More