Analysis of the recent attack activities by the “SwimSnake” black-market group targeting finance personnel and e-commerce customer service

1.Overview Recently, Antiy CERT has detected a new round of phishing attacks by the “SwimSnake” black-market group (associated with the “Silver Fox” gang), targeting finance personnel and customer service representatives of small businesses on platforms such as Kuaishou, D……

Continue Reading

Analysis of LockBit Ransomware Samples and Considerations for Defense Against Targeted Ransomware

1.Overview Recently, there has been an incident involving a financial institution falling victim to a ransomware attack. Information from various sources indicates a close association with the LockBit ransomware attack group. The use of the term “close association” by the Antiy CERT i……

Continue Reading

Using ARK Tool (ATool) To Remove the Typical Worm MyDoom

1.Overview In the long-term monitoring of daily security events, Antiy CERT often captures a large number of MyDoom worm samples and phishing emails that spread the worm. After being infected with MyDoom, the victim host will be placed with a back door so that the attacker can issue subsequent……

Continue Reading

Analysis of the Latest Attack Activities by the “Swimming Snake” Criminal Gang Targeting Financial Personnel and E-commerce Customer Service Staff

1.Overview Recently, Antiy CERT has detected a new round of phishing attacks against financial personnel and customer services of small stores (such as Kuaishou, Douyin, WeChat video number and Xiaohongshu) by the “Snake” black product gangs (“Silver Fox” related gangs)……

Continue Reading