Malasada Tech

Possible Early Stage Caesar Cipher Skimmer

Aaron Samala July 2, 2024 No Comments

This article explores the discovery of a potential early-stage Caesar cipher skimmer during the investigation of suspicious activities linked to a Tunisian online store. The investigation uncovers hidden JavaScript masquerading…

LandUpdate808 Malware Research Threat Intelligence

The LandUpdate808 Fake Update Variant

Aaron Samala July 2, 2024 No Comments

Discover the LandUpdate808 fake update variant, a new cybersecurity threat tracked by our team. This article details its unique delivery chain, payload variations, and indicators of compromise, emphasizing the importance…

Gootloader Gootloader Backlinks

What is a Gootloader Backlink farm?

Aaron Samala June 24, 2024 No Comments

Backlinks Backlinks, or outgoing links, are links on a given page that links to another webpage. Why does it matter? When search engines crawl the internet, they record any outbound…

Cybersecurity Trends Gootloader Malware Research Threat Intelligence

Gootloader Isn’t Broken

Aaron Samala May 13, 2024 1 Comment

In this post, we take a closer look at the Gootloader malware, correcting previous assertions about its dysfunction. Through the use of tools like Process Monitor and Burp Suite, we…

Gootkit Malware Research

Automating Gootkit Detection with urlscan.io: A Step-by-Step Guide

Aaron Samala May 5, 2024 No Comments

Learn to automate Gootkit malware detection using urlscan.io. This guide covers the use of urlscan.io's API and Python scripting to efficiently identify and analyze malicious forum loader scripts, enhancing your…

Cybersecurity Trends Threat Intelligence

Why is Ghana, Cambodia, and Brazil so interested in USPS Templates?

Aaron Samala May 4, 2024 No Comments

Explore the mysterious allure of USPS templates in countries like Ghana, Cambodia, and Brazil. Discover why official government domains might host these lure articles, and the implications for global cyber…

Cybersecurity Trends Gootkit Malware Research Threat Intelligence

Gootkit Search Term Research

Aaron Samala May 2, 2024 1 Comment

BLUF: This document will cover research into Gootkit search term research as well as research possible verification methods. Intro: Gootkit research depends on having high quality methods to find the…

Cybersecurity Trends Malware Research

Indeed Lure Spotted!

Aaron Samala April 29, 2024 No Comments

I spotted a lure masquerading as an Indeed Career Guide resource (https//666025xyz/erp-terms-of-contract). See below. I found this while working on the Gootkit Crawler project – a project that will generate…

Malware Research SocGholish Threat Intelligence

Starting SocGholish Research

Aaron Samala April 19, 2024 No Comments

In this concise exploration, we delve into the methodology behind tracking and analyzing SocGholish malware. Aimed at both newcomers and seasoned SOC Analysts, the article guides readers through the practical…

Cybersecurity Trends Gootkit Malware Research Threat Intelligence

Is Gootkit Updating Their C2 Infrastructure?

Aaron Samala April 16, 2024 1 Comment

Discover the latest strategies in cyber warfare with our investigative piece on Gootkit malware's evolving C2 infrastructure. Uncover insights into how the removal of xmlrpc.php signals a new phase in…

Breaking

Possible Early Stage Caesar Cipher Skimmer

The LandUpdate808 Fake Update Variant

What is a Gootloader Backlink farm?

Gootloader Isn’t Broken

Automating Gootkit Detection with urlscan.io: A Step-by-Step Guide

Why is Ghana, Cambodia, and Brazil so interested in USPS Templates?

Gootkit Search Term Research

Indeed Lure Spotted!

Starting SocGholish Research

Is Gootkit Updating Their C2 Infrastructure?

You Missed

Copy/Paste Technique Used to Deliver XWORM

PDF Lure Delivering GoTo (LogMeIn) RMM

Unsuccessful Crypto Phishing Attempt on Me

SVG Capabilities and Behaviors