Unwrapping Ursnifs Gifts
Malware Analysis, News and Indicators - Latest topics malware.news
In late August 2022, we investigated an incident involving Ursnif malware, which resulted in Cobalt Strike being deployed. This was followed by the threat actors moving laterally throughout the environment using an admin account.
The Ursnif malware family (also commonly referred to as Gozi or ISFB) is one of the oldest banking trojans still active today. It has an extensive past of code forks and evolutions that has led to several active variants in the last 5 years including Dreambot, IAP, …