×

Register to Access Intelligence Summary

First Name
Last Name
Job Title
Company
Country
State
Thank you!
Error - something went wrong!
   

Weekly Intelligence Summary 22 January

January 22, 2021

Technical analysis of a cyber-threat campaign using the dangerous and widespread “Lokibot” malware has revealed an updated method being used to conduct sophisticated attacks. The method includes three stages and three levels of encryption in the final payload, beginning with a phishing email containing a malicious Microsoft Excel attachment. The Excel attachment is obscured and requires the targeted victim to enable macros to view the contents, enabling the second stage of the attack. The final payload, Lokibot, is decrypted three times before being deployed on the targeted machine. Lokibot’s continued development since it was first detected, in 2016, has made it a popular choice for many malicious actors to harvest account credentials and sustain their operations.

Previous Report
Weekly Intelligence Summary 29 January
Weekly Intelligence Summary 29 January

A new web portal is aiding cyber-threat incident responders by detailing vulnerabilities in popular malware.

Next Report
Weekly Intelligence Summary 15 January
Weekly Intelligence Summary 15 January

A cyber-security firm released a free decryptor for the popular and sophisticated “DarkSide” ransomware.

×

Want these
Threat Intelligence reports sent straight to your inbox?

Subscribe below!

First Name
Last Name
Company
Country
State- optional
Job Title
Thank you!
Error - something went wrong!