ESET cyber security experts: The malware is a dynamic-link library that is installed and loaded by two earlier-stage components, and it’s periodically implemented to avoid detection.
Check Point cyber security experts: The malware has already infected around 25 million devices, and it could easily be used for more intrusive and harmful purposes.
The Wordfence cyber security experts and the developers fixed it. Authenticated attackers could have remotely executed PHP code. It's imperative to update to version 2.4.22.
Yoroi-Cybaze ZLab cyber security experts develop a free decryptor for the ransomware. The tool, however, requires the malware process to be active.
Trend Micro cyber security experts: The code has evolved into banking malware combining information theft and ransomware. It targets 188 banking and finance-related apps worldwide.
Microsoft Defender ATP cyber security experts: Telemetry showed a sudden increase in the use of the WMIC tool to run a script. This led researchers to discover the cyber attack.
Yoroi-Cybaze ZLab cyber security experts: ISO images in particular are exploited. Analysis of a cyber attack against an Italian firm revealed XpertRAT and a Delphi wrapper.
Trend Micro cyber security experts: The first malicious code abuses a User Account Control (UAC) bypass and works as a loader for other threats. The second is a dangerous backdoor.
Kaspersky cyber security experts: The ransomware uses exploits to escalate privileges and targets the Asia-Pacific region. Is the malware the heir of GandCrab?
Yoroi-Cybaze ZLab cyber security experts: The malware works as an encryptor and a decryptor. It abuses Clearnet-to-Tor proxy services to connect to its C2, hidden behind onion sites.