The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Winnti Subgroup Earth Longzhi Uses New TTPs

May 19, 2023 2:28:29 PM / by The Hivemind posted in Threat Bulletin, China, Winnti, TTPs, Stack Rumbling, Earth Longzhi


Related Families: Croxloader, SPHijacker, Behinder
Verticals Targeted: Government, Healthcare, Technology, Manufacturing

Executive Summary

Earth Longzhi, a Winnti subgroup, was recently observed using new TTPs, including a novel technique dubbed stack rumbling.

Read More

Malware Leverages CAPTCHA to Bypass Browser Warning

Nov 23, 2022 1:00:33 PM / by PolySwarm Tech Team posted in Threat Bulletin, Malware, CAPTCHA, TTPs, Gozi, Ursnif


Related Families: Gozi (Ursnif)
Verticals Targeted: Financial

Executive Summary

Bleeping Computer recently reported on a malware campaign that uses CAPTCHA to bypass browser warnings and deliver Gozi. This technique appears to be a novel TTP for threat actors.

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts