Trend Micro Research : Phishing

Self-Propagating Malware Spreading Via WhatsApp, Targets Brazilian Users

Self-Propagating Malware Spreading Via WhatsApp, Targets Brazilian Users 2025-10-04 at 01:35 By Trend™ Research has identified an active campaign spreading via WhatsApp through a ZIP file attachment. When executed, the malware establishes persistence and hijacks the compromised WhatsApp account to send copies of itself to the victim’s contacts. This article is an excerpt from Trend […]

React to this headline:

Self-Propagating Malware Spreading Via WhatsApp, Targets Brazilian Users Read More »

How AI-Native Development Platforms Enable Fake Captcha Pages

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Artificial Intelligence (AI), Trend Micro Research : Cyber Threats, Trend Micro Research : Phishing, Trend Micro Research : Research, Trend Micro Research : Web / SecurityTicks

How AI-Native Development Platforms Enable Fake Captcha Pages 2025-09-19 at 11:45 By Cybercriminals are abusing AI-native platforms like Vercel, Netlify, and Lovable to host fake captcha pages that deceive users, bypass detection, and drive phishing campaigns. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

How AI-Native Development Platforms Enable Fake Captcha Pages Read More »

MDR in Action: Preventing The More_eggs Backdoor From Hatching

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Malware, Trend Micro Research : Phishing / SecurityTicks

MDR in Action: Preventing The More_eggs Backdoor From Hatching 2024-09-30 at 18:16 By Trend Micro MDR (Managed Detection and Response) team promptly mitigated a more_eggs infection. Using Vision One, MDR illustrated how Custom Filters/Models and Security Playbook can be used to automate the response to more_eggs and similar threats. This article is an excerpt from

React to this headline:

MDR in Action: Preventing The More_eggs Backdoor From Hatching Read More »

Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Phishing / SecurityTicks

Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC 2024-09-19 at 11:47 By We observed Earth Baxia carrying out targeted attacks against APAC countries that involved advanced techniques like spear-phishing and customized malware, with data suggesting that the group operates from China. This article is an excerpt from Trend Micro Research, News and Perspectives

React to this headline:

Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC Read More »

Banking Trojans: Mekotio Looks to Expand Targets, BBTok Abuses Utility Command

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Phishing, Trend Micro Research : Research / SecurityTicks

Banking Trojans: Mekotio Looks to Expand Targets, BBTok Abuses Utility Command 2024-09-05 at 12:46 By Notorious Mekotio and BBTok are having a resurgence targeting Latin American users. Mekotio’s latest variant suggests the gang behind it is broadening their target, while BBTok is seen abusing MSBuild.exe to evade detection. This article is an excerpt from Trend

React to this headline:

Banking Trojans: Mekotio Looks to Expand Targets, BBTok Abuses Utility Command Read More »

Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Phishing, Trend Micro Research : Research / SecurityTicks

Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft 2024-08-01 at 12:16 By We uncovered a malvertising campaign where the threat actor hijacks social media pages, renames them to mimic popular AI photo editors, then posts malicious links to fake websites. This article is an excerpt from Trend Micro Research, News and

React to this headline:

Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft Read More »

QR Codes: Convenience or Cyberthreat?

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Artificial Intelligence (AI), Trend Micro Research : Cloud, Trend Micro Research : Phishing, Trend Micro Research : Ransomware, Trend Micro Research : Security Strategies, Trend Micro Research : Web / SecurityTicks

QR Codes: Convenience or Cyberthreat? 2024-07-23 at 20:16 By Security awareness and measures to detect and prevent sophisticated risks associated with QR code-based phishing attacks (quishing) This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

QR Codes: Convenience or Cyberthreat? Read More »

Deepfakes and AI-Driven Disinformation Threaten Polls

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Expert Perspective, Trend Micro Research : Phishing, Trend Micro Research : Social Media / SecurityTicks

Deepfakes and AI-Driven Disinformation Threaten Polls 2024-05-02 at 14:16 By Cheap and easy access to AI makes it harder to detect state-sponsored and homegrown campaigns during this election year This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Deepfakes and AI-Driven Disinformation Threaten Polls Read More »

Pawn Storm Uses Brute Force and Stealth Against High-Value Targets

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Phishing, Trend Micro Research : Research / SecurityTicks

Pawn Storm Uses Brute Force and Stealth Against High-Value Targets 2024-01-31 at 10:02 By Based on our estimates, from approximately April 2022 until November 2023, Pawn Storm attempted to launch NTLMv2 hash relay attacks through different methods, with huge peaks in the number of targets and variations in the government departments that it targeted. This

React to this headline:

Pawn Storm Uses Brute Force and Stealth Against High-Value Targets Read More »

Prevent BEC with AI-Powered Email and Collaboration

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Latest News, Trend Micro Research : Network, Trend Micro Research : Phishing, Trend Micro Research : Ransomware / SecurityTicks

Prevent BEC with AI-Powered Email and Collaboration 2024-01-26 at 23:31 By Latest Trend Vision One™ platform integration addresses growing need for streamlined IT and security operations across email and messaging environments. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Prevent BEC with AI-Powered Email and Collaboration Read More »

Reduce Business Email Compromise with Collaboration

Reduce Business Email Compromise with Collaboration 2024-01-18 at 22:16 By Here’s the latest Trend Vision One™ platform integration addressing the growing need for collaboration in business email security space. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Reduce Business Email Compromise with Collaboration Read More »

Attack Signals Possible Return of Genesis Market, Abuses Node.js, and EV Code Signing

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Phishing, Trend Micro Research : Research / SecurityTicks

Attack Signals Possible Return of Genesis Market, Abuses Node.js, and EV Code Signing 22/11/2023 at 10:11 By The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023. This article is an excerpt from

React to this headline:

Attack Signals Possible Return of Genesis Market, Abuses Node.js, and EV Code Signing Read More »

Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Phishing, Trend Micro Research : Research / SecurityTicks

Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting 09/11/2023 at 12:01 By We analyzed a phishing campaign involving malicious emails containing a link to a file-sharing solution, which further leads to a PDF document with a secondary link designed to steal login info and session cookies. This article is an excerpt from

React to this headline:

Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting Read More »

APT34 Deploys Phishing Attack With New Malware

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Network, Trend Micro Research : Phishing / SecurityTicks

APT34 Deploys Phishing Attack With New Malware 29/09/2023 at 12:17 By We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to

React to this headline:

APT34 Deploys Phishing Attack With New Malware Read More »

Analyzing a Facebook Profile Stealer Written in Node.js

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Phishing, Trend Micro Research : Research / SecurityTicks

Analyzing a Facebook Profile Stealer Written in Node.js 05/09/2023 at 12:33 By We analyze an information stealer written in Node.js, packaged into an executable, exfiltrated stolen data via both Telegram bot API and a C&C server, and employed GraphQL as a channel for C&C communication. This article is an excerpt from Trend Micro Research, News

React to this headline:

Analyzing a Facebook Profile Stealer Written in Node.js Read More »

Revisiting 16shop Phishing Kit, Trend-Interpol Partnership

Revisiting 16shop Phishing Kit, Trend-Interpol Partnership 01/09/2023 at 12:04 By In this entry, we summarize the security analyses and investigations done on phishing-as-a-service 16shop through the years. We also outline the partnership between Trend Micro and Interpol in taking down the main administrators and servers of this massive phishing campaign. This article is an excerpt

React to this headline:

Revisiting 16shop Phishing Kit, Trend-Interpol Partnership Read More »

SeroXen Incorporates Latest BatCloak Engine Iteration

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : IoT, Trend Micro Research : Malware, Trend Micro Research : Phishing, Trend Micro Research : Privacy & Risks, Trend Micro Research : Spam / SecurityTicks

SeroXen Incorporates Latest BatCloak Engine Iteration 15/06/2023 at 12:16 By We looked into the documented behavior of SeroXen malware and noted the inclusion of the latest iteration of the batch obfuscation engine BatCloak to generate a fully undetectable (FUD) .bat loader. This is the second part of a three-part series documenting the abuse of BatCloak’s

React to this headline:

SeroXen Incorporates Latest BatCloak Engine Iteration Read More »

Analyzing the FUD Malware Obfuscation Engine BatCloak

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Malware, Trend Micro Research : Phishing, Trend Micro Research : Privacy & Risks / SecurityTicks

Analyzing the FUD Malware Obfuscation Engine BatCloak 09/06/2023 at 13:01 By We look into BatCloak engine, its modular integration into modern malware, proliferation mechanisms, and interoperability implications as malicious actors take advantage of its fully undetectable (FUD) capabilities. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to

React to this headline:

Analyzing the FUD Malware Obfuscation Engine BatCloak Read More »

Water Orthrus’s New Campaigns Deliver Rootkit and Phishing Modules

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Malware, Trend Micro Research : Phishing, Trend Micro Research : Research / SecurityTicks

Water Orthrus’s New Campaigns Deliver Rootkit and Phishing Modules 15/05/2023 at 13:12 By Water Orthrus has been active recently with two new campaigns. CopperStealth uses a rootkit to install malware on infected systems, while CopperPhish steals credit card information. This blog will provide the structure of the campaign and how they work. This article is

React to this headline:

Water Orthrus’s New Campaigns Deliver Rootkit and Phishing Modules Read More »