Locky Dropper Now Comes Embedded in the Loader

We have noticed a change of behaviour in the latest spam email campaigns used by Locky. Since its first release, Locky has relied on compromised domains to download the dropper binary, whereas recently the Locky dropper is being delivered embedded in the loader code itself. By tracking these campaigns we have also noticed that Locky’s authors have made […]

Dridex Downloader Tries New Sandbox-Evasion Techniques

Dridex is currently one of the most active and widespread banking malware families. Like Locky ransomware, Dridex is also dispatched through a massive spam mail campaign that uses the Necurs botnet. Our sensors have long been tracking these spam campaigns, and recently captured emails contain a Word document that drops Dridex. In our latest samples we have observed a delay on execution of the […]
