The PhishLabs Blog

Jason Davison, Threat Analyst

Recent Posts

Smoke Loader Adds Additional Obfuscation Methods to Mitigate Analysis

Posted by Jason Davison, Threat Analyst on Aug 4, '17

Sample Analyzed:
415a75cd01a4b00385c974b59bbbd3e5211a985bf2560d7639d464fd5a56e9e6

Smoke Loader, also known as Dofoil, has been advertised on dark web forums since at least mid-2011.[1] Since its initial release, this modular loader has continued to evolve, adding more complex anti-analysis techniques. Modular loaders such as this one communicate with command and control infrastructure to receive secondary execution instructions and/or to download additional functional modules, providing multiple stages of infection. Currently, Smoke Loader's primary delivery method is exploit kits, chiefly Rig EK. Smoke Loader is commonly used to load the Trickbot banking Trojan and Globe Imposter ransomware.

Topics: Malware, Smoke Loader

Examining a New Cybercrime OPSEC Technique (And How to Break It)

Posted by Jason Davison, Threat Analyst on May 17, '16

The techniques that cybercriminals use are becoming more advanced. They are going to greater lengths to commit fraud, compromise computers, and steal credentials. Given the time, money, and effort attackers spend crafting attacks, it is important to them to protect their work from being stolen by others, or to give their operations a longer life by evading technical analysts and investigators.

Topics: Phishing, Threat Analysis, Strategy

Mobile Spyware: Who is Reading Your Text Messages and Why?

Posted by Jason Davison, Threat Analyst on Jan 14, '16

PhishLabs has recently discovered and analyzed a malicious mobile application that is being actively distributed via a SMiShing (phishing via text message) campaign. The application attempts to hijack two-factor authentication (one-time passwords) by viewing the victim's SMS messages.

Topics: Mobile, Spyware

   

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.
