RiskIQ

November 19, 2021

New Aggah Campaign Hijacks Clipboards to Replace Cryptocurrency Addresses

In this campaign, operators deployed clipboard hijacking code that replaces a victim's wallet address with an address specified by the actor. This code also deploys several malicious code files.

October 21, 2021

Cybercriminals Exploit the Discord CDN to Deliver 27 Unique Types of Malware

Discord, a popular VoIP, instant messaging, and digital distribution platform used by 140 million people in 2021, is being abused by cybercriminals to deploy malware files.

Mana Tools: A Malware C2 Panel with a Past

Mana Tools was first reported in 2019 by Yoroi researchers who identified it as a fork of the AzoRult 3.2 malware created by a Pakistani actor named Aqib Waseem, better known as Hagga.

RiskIQ Analysis Links EITest and Gootloader Campaigns, Once Thought to Be Disparate

EITest was first identified in 2014 and historically used large numbers of compromised WordPress sites and social engineering techniques to trick users into downloading malware.

New Analysis Shows XAMPP Serving Agent Tesla and Formbook Malware

A recent analysis of Agent Tesla by RiskIQ researchers led them to discover that the XAMPP web server solution stack was being used to serve Agent Tesla and Formbook malware.

Bit2check: Stolen Card Validation Service Illuminates A New Corner of the Skimming Ecosystem

While investigating the MobileInter skimmer, researchers observed that some bit2check domains share the same hosting pattern as Magecart domains observed abusing Alibaba and Google hosting services.

The Sysrv-hello Cryptojacking Botnet: Here's What's New

In their latest threat intel analysis, RiskIQ researchers have identified some of the botnet's latest developments, including the use of drive-by downloads and two new Monero wallets.

MobileInter: A Popular Magecart Skimmer Redesigned For Your Phone

With nearly three out of every four dollars spent online done via a mobile device, it's no wonder Magecart operators are looking to target this lucrative landscape using MobileInter.

Yanbian Gang Malware Continues with Wide-Scale Distribution and C2

Yanbian Gang has targeted South Korean Android mobile banking customers since 2013 with malicious Android apps purporting to be from major banks, namely Shinhan Savings Bank, Saemaul Geumgo, and more.

Agent Tesla: Software-as-a-Service Enables Trend Analysis

Agent Tesla is an extremely popular "malware-as-a-service" RAT used to steal information such as credentials, keystrokes, clipboard data, and other information from its operators' targets.
