Threat Research

Email Threat Review March 2021

In this first installment of our monthly email threat review, we present an overview of…

Zloader email campaign using MHTML to download and decrypt XLS

Zloader malware is spreading via malspam using MIME encapsulation of aggregate HTML documents (MHTML) attachments.…

BazarLoader’s Elaborate Flower Shop Lure

Since 2021-01-20 Hornetsecurity observes a new malspam campaign using a fake flower shop in an…

Emotet Botnet Takedown

SolarWinds SUNBURST backdoor assessment

On 2020-12-13 FireEye disclosed a backdoor in updates of the SolarWinds Orion Platform. Affected organizations…

QakBot reducing its on disk artifacts

QakBot has been updated with more evasion techniques. QakBot's configuration is now stored in a…

Phishing Technique Trends

The basic idea behind phishing has not changed since the 90s, however, the delivery tactics…

Emotet Inviting Friends to your Halloween Extravaganza

Threat actors often try to bandwagon on current events to trick their victims into falling…

VBA Purging Malspam Campaigns

VBA purging is a recent office macro detection evasion technique. It removes the VBA macro…

QakBot distributed by XLSB files

The Hornetsecurity Security Lab has detected usage of XLM macros within XLSB documents to distributed…