The Hidden Bee infection chain, part 1: the stegano pack

The Hidden Bee cryptominer has a complex and multi-layered internal structure that is unusual among cybercrime toolkits. That’s why we’re dedicating a series of posts to exploring its elements and updates made during one year of its evolution.

The post The Hidden Bee infection chain, part 1: the stegano pack appeared first on Malwarebytes Labs.

A week in security (May 27 – June 2)

A roundup of security news from May 27–June 2, including a look at 2019 ransomware outbreaks in the United States, ATM fraud, NIST’s privacy framework, more legal problems for Google and Facebook, and more.

The post A week in security (May 27 – June 2) appeared first on Malwarebytes Labs.

Hidden Bee: Let’s go down the rabbit hole

The complex and sophisticated custom malware Hidden Bee is a Chinese cryptominer whose authors recently released an updated sample. We unpack the sample to look at the functionality of its loader and compare it against earlier versions.

The post Hidden Bee: Let’s go down the rabbit hole appeared first on Malwarebytes Labs.

Reversing malware in a custom format: Hidden Bee elements

When we recently analyzed payloads related to Hidden Bee (dropped by the Underminer EK), we noticed something unusual. After reversing the malware, we discovered that its authors actually created their own executable format. Follow our step-by-step analysis for a closer look.

The post Reversing malware in a custom format: Hidden Bee elements appeared first on Malwarebytes Labs.

A week in security (July 23 – July 29)

A roundup of the security news from July 23 – July 29, including the introduction of Malwarebytes Browser Extensions, and new malware HiddenBee, Proton, and MobiDash.

The post A week in security (July 23 – July 29) appeared first on Malwarebytes Labs.

‘Hidden Bee’ miner delivered via improved drive-by download toolkit

Threat actors switch to the Hidden Bee miner as a payload for this unusual and complex drive-by download campaign.

The post ‘Hidden Bee’ miner delivered via improved drive-by download toolkit appeared first on Malwarebytes Labs.