Dexphot Polymorphic Malware

Avertium Threat Report

Dexphot Overview

Dexphot is a polymorphic malware campaign that constantly evolves, sometimes deploying new files and employing new TTPs (Tactics, Techniques, and Procedures) every 20 to 30 minutes. The goal of this malware campaign is to mine cryptocurrency, which isn’t particularly remarkable; what is unique is the methodologies it uses.

Tactics, Techniques, Procedures

The […]

Firefox Vulnerability and Fake Tech Support Page Scammers

Avertium Threat Report

Firefox Bug and Fake Technical Support Page Scam Overview

Fake technical support scammers are exploiting a recently discovered Firefox vulnerability to overload CPUs. Fake tech support scam pages have been common for a considerable amount of time, but over the past year these scammers have been exploiting web browser vulnerabilities more often. The advantage for […]

Report: HOPLIGHT Trojan

Avertium Threat Report

HOPLIGHT Trojan Overview

This report covers the HOPLIGHT Trojan and the recently released analysis of it, which was conducted by multiple United States government agencies and published on the US-CERT website. This malware is a backdoor used to steal sensitive data and modify infected hosts. The delivery method isn’t discussed in the U.S. government […]

Report: RAT Generator “Blackremote”

Avertium Threat Report

Blackremote Overview

This report is about a RAT (remote access tool) generator called Blackremote. The generator has recently been advertised and sold in underground forums, with cryptocurrencies such as Bitcoin as the medium of exchange. The generated executable has remote access capabilities that allow bad actors to modify the system and capture sensitive data.

Tactics, […]