It’s been a hot minute since I last wrote anything here. I found some time between meetings to look at this Rust loader that executes Amadey. You’ll have to forgive any mistakes I made in my analysis – I open the debugger about 4 times a year these days.
ClickFix: I am not a Robot!
ClickFix is a form of social engineering that lures users into running malicious code on their...
Agent TeslAggah
In May of 2020, Deep Instinct reported on a new variant of the malware loader called “Aggah,” a fileless loader that takes advantage of LOLBINS and free services such as Bitly, Blogger, etc. Heading into the second December of the Covid-19 pandemic, Aggah has continued the trend of using Covid-19 as a lure for malspam. The group behind “Aggah” is known for using the...
Cross-Platform Java Dropper: Snake and XLoader (Mac Version)
According to netmarketshare, Windows still owns about 87% of the market versus about 9% for Mac OS. Although Windows will likely stay the predominant leader of the pack, Mac OS continues to grow year over year, both in consumer and commercial markets. Likewise, Windows malware is by far the most common, but malware for Mac OS is gaining popularity. A few weeks ago, a sample came across...
