During the first quarter of 2022, we discovered a significant number of infections using multiple new Emotet variants that employed both old and new techniques to trick their intended victims into accessing malicious links and enabling macro content.
Tag: Trend Micro Research : Spam
Security Vendor News
Emotet Spam Abuses Unconventional IP Address Formats to Spread Malware
by Ian Kenefick
We found waves of Emotet spam campaigns using unconventional IP addresses to evade detection.
Security Vendor News
Staging a Quack: Reverse Analyzing a Fileless QAKBOT Stager
by Abraham Camba
We analyzed a fileless QAKBOT stager possibly connected to the recently reported Squirrelwaffle campaign.
Security Vendor News
BazarLoader Adds Compromised Installers, ISO to Arrival and Delivery Vectors
by Ian Kenefick
We observed BazarLoader adding two new arrival mechanisms to their current roster of malware delivery techniques.
Security Vendor News
Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains
by Mohamed Fahmy
Squirrelwaffle is known for sending malicious spam as replies to existing email chains. We look into how it does this by investigating its exploitation of the Microsoft Exchange Server vulnerabilities ProxyLogon and ProxyShell.
Security Vendor News
Analyzing Email Services Abused for Business Email Compromise
by Marshall Chen
We analyzed five major types of email channels, and the techniques in keywords and domain names BEC actors use to appear legitimate to potential victims.
Security Vendor News
APT-C-36 Updates Its Spam Campaign Against South American Entities With Commodity RATs
by Jaromir Horejsi
We have continued tracking APT-C-36, also known as Blind Eagle, since our research on this threat actor in 2019. We share new findings of APT-C-36’s ongoing spam campaign targeting South American entities.
Security Vendor News
Tokyo Olympics Leveraged in Cybercrime Attack
by Trend Micro Research, News, Perspectives
Just before the opening of the Tokyo Olympics, we confirmed an attack that directed users from a fake TV broadcast schedule page to browser notification spam.
Security Vendor News
Threats Ride on the Covid-19 Vaccination Wave
by Paul Pajares
We continue monitoring cybercriminals and threats that abuse the pandemic. In this update, we detail trends in malicious activities and deployments that exploit vaccination developments and processes worldwide.