X-Industry

While analyzing one of the affiliate programs, Doctor Web’s researchers discovered a unique piece of malware with clicker functionality and called it a Trojan.ChimeraWire. This malware targets computers running Microsoft Windows and is based on the open-source projects zlsgo and Rod for automated website and web application management.

Trojan.ChimeraWire allows cybercriminals to simulate user actions and boost a website's behavioral ranking by artificially increasing its search engine rankings.

At the end of October, during a global disruption of AWS connections, FortiGuard Labs observed malware named “ShadowV2” spreading via IoT vulnerabilities.  These incidents affected multiple countries worldwide and spanned seven different industries.  To date, the malware appears to have been active only during the large-scale AWS outage.  Researchers believe this activity was likely a test run conducted in preparation for future attacks.  The following article provides a detailed analysis of the

The analysis from Fortinet below is part of an incident investigation led by their Incident Response Team.  Their researchers discovered malware that had been running on a compromised machine for several weeks.  The threat actor had executed a batch of scripts and PowerShell to run the malware in a Windows process.  Although obtaining the original malware executable was difficult, a memory dump of the running malware process and a full memory dump of the compromised machine (the “fullout” file,