Analysis of Phishing Activities Using the GuLoader to deliver AgentTesla

1. Overview In recent years, the AgentTesla Trojan has remained active, and Antiy CERT has repeatedly monitored attacks delivering the Trojan against domestic government bodies, enterprises and institutions of higher learning. Since February of this year, Antiy CERT has monitored a new wave of fish……


Analysis and Response to ATW’s Data Breach Incident in China

1. Overview Since October 2021, a hacker group called “AgainstTheWest” (ATW) has attacked platforms such as SonarQube, Gitblit and Gogs, stealing code and data from many enterprises and public institutions in China and illegally selling them on overseas hacker forums. More than 150 i……


Analysis of Attack Activities Using Spam to Spread Remote Control Trojans

1. Overview Recently, the Harbin Institute of Technology and Antiy Joint CERT Labs has monitored multiple attacks using spam to spread remote control Trojans. Attackers send emails with themes such as “order”, “invoice”, “receipt”, etc., and combine the body ……


2022 Active Mining Trojan Review

1. Overview Mining Trojans use various means to implant mining programs into victims’ computers, and use the computing power of victims’ computers to mine without the knowledge of users, thereby obtaining illegal profits. Currently, multiple threat organizations (for example, “……
