In the past few months there has been a dramatic increase in cryptocurrency prices. In fact, the crypto market value topped $2 trillion for the first time in history and bitcoin, the largest form of digital currency, hit a record high of more than $61,000, rallying over 100% in 2021 alone. As a result of growing crypto prices, individual investors and businesses have become … [Read more...]
Deobfuscating a Dropper for a ZLoader Trojan Variant
On March 18th, 2021, the DNSWatch Tailored Analysis Team received an email from an internal WatchGuard employee who deemed the email as suspicious. The initial email included an attachment with the title Attachment_57904. A DNSWatch Analyst performed an initial assessment of the file in search of any malicious indicators or behaviors only to discover that the file was a heavily … [Read more...]
Alleged Acer REvil Ransomware Infection Breaks Record with $50+ Million Demand
The REvil ransomware group has come to prominence recently by infecting networks around the world with ransomware and demanding large sums of money from their victims. The group commonly posts proof of their successful ransomware efforts on their blog, called Happy Blog, where one of their most recent victims, Acer, has appeared on the list. Acer has yet to confirm the … [Read more...]
Exchange Server Vulnerabilities Actively Exploited in the Wild
(Updated 03/10/2021 to include defensive tips) As the cybersecurity community continues to reel with the sweeping effects of the SolarWinds attack, the Microsoft Threat Intelligence Center (MSTIC) has released information about another widespread campaign targeting Exchange servers. It has been found that a state-sponsored threat actor operating out of China, which they are … [Read more...]
Is EMOTET Really Gone Forever?
The answer to that question still remains open, but we expect it might return in some form or fashion. Yes, the takedown of EMOTET was successful, but anyone in the world of cybersecurity will tell you that malware has a habit of resurfacing in clever and unexpected ways. Therefore, the same could hold true for the EMOTET botnet as well. What is EMOTET? EMOTET, one of the … [Read more...]
