A Zebrocy Go Downloader
Quote: Last year at SAS2018 in Cancun, Mexico, “Masha and these Bears” included discussion of a subset of Sofacy activity and malware that we call “Zebrocy”, and predictions for the decline of SPLM/XAgent Sofacy activity coinciding with the acceleration of Zebrocy activity and innovation. Zebrocy was initially introduced as a Sofacy backdoor package in 2015, but the Zebrocy cluster has carved a new approach to malware development and delivery to the world of Sofacy. In line with this approach, we will present more on this Zebrocy innovation and activity playing out at SAS 2019 in Singapore.

Our colleagues at Palo Alto recently posted an analysis of Zebrocy malware. The analysis is good and marked their first detection of a Zebrocy Go variant as October 11, 2018. Because there is much to this cluster, clarifying and adding to the discussion is always productive.

Our original “Zebrocy Innovates – Layered Spearphishing Attachments and Go Downloaders” June 2018 writeup documents the very same downloader, putting the initial deployment of Zebrocy Go downloader activity at May 10, 2018. And while the targeting in the May event was most likely different from the October event, we documented this same Go downloader and same C2 was used to target a Kyrgyzstan organization. Also interesting is that the exact same system was a previous Zebrocy target earlier in 2018. So, knowing that this same activity is being reported on as “new” six months later tells us a bit about the willingness of this group to re-use rare components and infrastructure across different targets.
Full reading: https://securelist.com/a-zebrocy-go-downloader/89419/