Satacom downloader, also known as LegionLoader, is a renowned malware family that emerged in 2019. It is known to use the technique of querying DNS servers to obtain the base64-encoded URL in order to receive the next stage of another malware family currently distributed by Satacom. The Satacom malware is delivered via third-party websites. Some […]
Russian Gangs Obtain 50 Million Passwords
Group-IB, a cybersecurity company, has issued a press release reporting that 34 Russian cybercrime gangs have compromised 50-million accounts through a stealer-as-a-service scam. The scammers have stolen user passwords from sites like Steam and Roblox, and payment information and credentials from Amazon, PayPal, and cryptocurrency wallets. In total, the cybercriminals compromised over 890,000 devices in over 111 countries. Aside from looting passwords, […]
ViperSoftX: Hiding and Stealing
ViperSoftX is a multi-stage stealer that exhibits interesting hiding capabilities. Other than stealing cryptocurrencies, it also spreads the VenomSoftX browser extension, which performs man-in-the-browser attacks. One of the payloads ViperSoftX distributes is a specific information stealer in the form of a browser extension for Chromium-based browsers. Due to its standalone capabilities and uniqueness, we decided […]