Trend Micro cybersecurity experts: The vehicle is the PrivateLoader pay-per-install (PPI) distribution service. The final payload is a multi-function RAT.
Trend Micro cybersecurity experts: The malware (aka WickrMe) arrives via CVE-2019-0604. Then, the threat actors exploit a web shell to download Cobalt Strike.
Trend Micro cybersecurity experts: It is fileless malware that runs directly in the RAM of the victim's operating system. It takes advantage of DLL injection.
Trend Micro: Cybercriminals spread the MacOS.GMERA trojan, disguised as Stockfolio. It’s used to steal user information, and it’s evolving. To date, two samples have been discovered.
Trend Micro cybersecurity experts: The code has evolved into banking malware combining information theft and ransomware. It targets 188 banking and finance-related apps worldwide.
Trend Micro cybersecurity experts: The first malicious code abuses a user account control (UAC) bypass and works as a loader for other threats. The second is a dangerous backdoor.
Trend Micro cybersecurity experts: It’s concealed in 182 free-to-download game and camera apps, the majority of which are on the Google Play Store, and which collectively had millions of downloads.