Windows malware

Incidents

Watch out for Nyxem.e

We’ve just issued an alert for Nyxem.e, due to the number of reports we’ve been receiving for the past few days but also because of its destructive payload which activates on 3rd of every month.

Incidents

IM-Bot?

I recently came across an interesting IRCBot which KAV detects as Backdoor.Win32.IRCBot.lo. When I took a closer look at it, I found out that it’s quite an advanced bot with a lot of features.

Reports

ToddyCat: your hidden email assistant. Part 2

An in-depth analysis of Umbrij, a new tool used by the ToddyCat APT group to compromise corporate email communications in Gmail. The attack targeted OAuth authorization tokens, allowing threat actors to gain access to Google services.