Flying Under the Radar – Security Evasion Techniques

November 25, 2024 at 07:33AM Phishing and malware evasion techniques have evolved significantly, becoming more sophisticated over the years. Hackers employ various strategies, including anti-research techniques and complex redirection methods, to bypass security measures. Ongoing adaptation between attackers and defenders highlights the importance of phishing training, credential monitoring, and advanced threat detection solutions.

Hackers use macOS extended file attributes to hide malicious code

November 14, 2024 at 11:16AM Hackers are using a new technique called RustyAttr to conceal malware in macOS file metadata, evading detection by employing decoy PDFs. The method is reminiscent of Bundlore adware, and the samples are attributed to North Korean group Lazarus. The malware remains undetected by security agents, indicating an experimental delivery approach.

Evasion Tactics Used By Cybercriminals To Fly Under The Radar

September 12, 2024 at 09:36AM Cybersecurity involves an ongoing battle of wits between attackers and defenders. Attackers employ evasion tactics such as cryptic service usage, device ID spoofing, time-based evasion, AI-enhanced anomaly detection, trust abuse in cloud applications, HTML smuggling, and innovative phishing evasion techniques. To counter these tactics, organizations should reduce their attack surface, …

A New, Spookier Gh0st RAT Malware Haunts Global Cyber Targets

November 30, 2023 at 04:08PM A modified “Gh0st RAT” malware, called “SugarGh0st,” has been targeting South Koreans and Uzbekistan’s Ministry of Foreign Affairs. Distributed via phishing with decoy documents, the updated malware evades detection and allows remote access, data theft, and system manipulation. Originating from March 2008, Gh0st RAT remains effective due to its adaptability …

FjordPhantom Android malware uses virtualization to evade detection

November 30, 2023 at 10:17AM Promon discovered the FjordPhantom malware, which uses virtualization to conceal its activities as it targets banking apps in Southeast Asia. It spreads via communication platforms and tricks users into downloading fake banking apps, enabling it to steal credentials and manipulate transactions. The malware breached Android’s security concept, posing a high …