Proofpoint Staff

  • Parasite HTTP RAT cooks up a stew of stealthy tricks - - Proofpoint - Proofpoint Staff Parasite HTTP
  • Hunter Exploit Kit Targets Brazilian Banking Customers - 2015-08-27 - Proofpoint - Proofpoint Staff Hunter
  • Dyre Malware Campaigners Innovate with Distribution Techniques - 2015-10-08 - Proofpoint - Proofpoint Staff
  • Vawtrak and UrlZone Banking Trojans Target Japan - 2016-02-05 - Proofpoint - Proofpoint Staff URLZone Vawtrak Angler
  • Dridex Actors Get In the Ransomware Game With "Locky" - 2016-02-16 - Proofpoint - Proofpoint Staff Locky Neutrino TA505
  • Nymaim Moves Past Its Ransomware Roots - What Is Old Is New Again - 2016-02-26 - Proofpoint - Proofpoint Staff Sagrid Nymaim
  • CryptXXX 2.0: Ransomware Authors Strike Back Against Free Decryption Tool - 2016-05-09 - Proofpoint - Proofpoint Staff CryptXXX GooNky Angler
  • CryptXXX Ransomware Learns the Samba, Other New Tricks With Version 3.100 - 2016-06-01 - Proofpoint - Proofpoint Staff StillerX CryptXXX
  • Threat Actors Using Legitimate PayPal Accounts To Distribute Chthonic Banking Trojan - 2016-07-26 - Proofpoint - Proofpoint Staff Chthonic AZORult
  • Spike in Kovter Ad Fraud Malware Riding on Clever Macro Trick - 2016-10-10 - Proofpoint - Proofpoint Staff Kovter TA530
  • Ostap Bender: 400 Ways to Make the Population Part With Their Money - 2016-12-08 - Proofpoint - Proofpoint Staff Ostap Dridex Gozi ISFB TinyLoader
  • Dridex Campaigns Hitting Millions of Recipients Using Unpatched Microsoft Zero-Day - 2017-04-10 - Proofpoint - Proofpoint Staff CVE-2017-0199 Dridex TA505
  • Threat Actor Profile: TA505, From Dridex to GlobeImposter - 2017-09-27 - Proofpoint - Proofpoint Staff TA505 Dridex Trickbot Shifu
  • Kovter Group malvertising campaign exposes millions to potential malware and fraud - 2017-10-07 - Proofpoint - Kafeine - Proofpoint Staff KovCoreG Kovter
  • Leaked Ammyy Admin Source Code Turned into Malware - 2018-03-07 - Proofpoint - Proofpoint Staff FlawedAmmyy TA505 Quant
  • DanaBot - A new banking Trojan surfaces Down Under - 2018-05-31 - Proofpoint - Proofpoint Staff Danabot CryptXXX
  • TA505 Abusing SettingContent-ms within PDF files to Distribute FlawedAmmyy RAT - 2018-07-19 - Proofpoint - Proofpoint Staff FlawedAmmyy TA505
  • Kronos Reborn - 2018-07-24 - Proofpoint - Proofpoint Staff Osiris RIG
  • New version of AZORult stealer improves loading features, spreads alongside ransomware in new campaign - 2018-07-30 - Proofpoint - Proofpoint Staff AZORult
  • sLoad and Ramnit pairing in sustained campaigns against UK and Italy - 2018-10-23 - Proofpoint - Proofpoint Staff TA554 sLoad Ramnit PsiXBot Gootkit Snatch
  • LCG Kit: Sophisticated builder for Malicious Microsoft Office Documents - 2018-12-13 - Proofpoint - Proofpoint Staff LCG KIT CVE-2018-8174
  • ServHelper and FlawedGrace - New malware introduced by TA505 - 2019-01-09 - Proofpoint - Dennis Schwarz - Proofpoint Staff ServHelper FlawedGrace TA505
  • DanaBot control panel revealed - 2019-03-13 - Proofpoint - Dennis Schwarz - Proofpoint Staff Danabot
  • New KPOT v2.0 stealer brings zero persistence and in-memory features to silently steal credentials - 2019-05-09 - Proofpoint - Dennis Schwarz - Proofpoint Staff KPOT Fallout RIG
  • URLZone top malware in Japan, while Emotet and LINE Phishing round out the landscape - 2019-06-19 - Proofpoint - Proofpoint Staff TA544 URLZone Gozi v3 Vawtrak TA505 FlawedAmmyy
  • TA505 begins summer campaigns with a new pet malware downloader, AndroMut, in the UAE, South Korea, Singapore, and the United States - 2019-07-02 - Proofpoint - Matthew Mesa - Dennis Schwarz - Proofpoint Staff AndroMut FlawedAmmyy TA505
  • Threat Actor Profile: TA544 targets geographies from Italy to Japan with a range of malware - 2019-07-11 - Proofpoint - Proofpoint Staff TA544 Nymaim Gozi ISFB URLZone