all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Initial research exposing JOKERSPY

Add to bookmarks
June 21, 2023, 5:10 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Key takeaways,


  • This is an initial notification of an active intrusion with additional details to follow

  • REF9134 leverages custom and open source tools for reconnaissance and command and control

  • Targets of this activity include a cryptocurrency exchange in Japan

,

To identify other binaries signed with the same identifier, we converted XProtectCheck-55554944f74096a836b73310bd55d97d1dff5cd4 to hexadecimal and searched VirusTotal to identify 3 additional samples (content:{5850726f74656374436865636b2d35353535343934346637343039366138333662373333313062643535643937643164666635636434}). 

Each contained the same core functionality with structural differences. These discrepancies may indicate that these …

command command and control control cryptocurrency cryptocurrency exchange exchange exposing identify intrusion japan key notification open source open source tools reconnaissance research takeaways tools virustotal

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

RSAC 2024: Google on the promise of large language models and cybersecurity 53 minutes ago | malware.news
article cybersecurity defensive genai +13
NVIDIA patches three ChatRTX security bugs 2 hours ago | malware.news
apps article bugs chatrtx +10
RSAC 2024: How to use AI without getting in trouble 2 hours ago | malware.news
article don laws link +9
Ubuntu security advisory (AV24-242) 3 hours ago | malware.news
advisory article canadian canadian centre for cyber security +7
Red Hat security advisory (AV24-241) 3 hours ago | malware.news
advisory article canadian canadian centre for cyber security +7
Dell security advisory (AV24-238) 4 hours ago | malware.news
advisory article canadian canadian centre for cyber security +8
IBM security advisory (AV24-239) 4 hours ago | malware.news
advisory article canadian canadian centre for cyber security +8
[Control systems] CISA ICS security advisories (AV24-240) 4 hours ago | malware.news
article canadian canadian centre for cyber security cisa +11
Germany Warns Russia: Hacking Will Have Consequences 5 hours ago | malware.news
actions annalena baerbock article bear +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

IT Security Engineer

@ Timocom GmbH | Erkrath, Germany
View on infosec-jobs.com

Consultant SOC / CERT H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

Privacy Engineer, Implementation Review

@ Meta | Menlo Park, CA | Seattle, WA
View on infosec-jobs.com

Cybersecurity Specialist (Security Engineering)

@ Triton AI Pte Ltd | Singapore, Singapore, Singapore
View on infosec-jobs.com

SOC Analyst

@ Rubrik | Palo Alto
View on infosec-jobs.com

Consultant Tech Advisory H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com
View more jobs