Hijacked: How Cybercriminals Are Turning Anti-Virus Software Against You

August 06, 2024 | Fernando Dominguez

Hunter

LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations

June 19, 2024 | Fernando Dominguez

Executive Summary LevelBlue Labs recently discovered a new highly evasive ...

AsyncRAT loader: Obfuscation, DGAs, decoys and Govno

January 05, 2024 | Fernando Martinez

Executive summary LevelBlue Labs has identified a campaign to deliver AsyncRAT ...

Behind the scenes: JaskaGO's coordinated strike on macOS and Windows

December 18, 2023 | Ofer Caspi

Executive summary In recent developments, a sophisticated malware stealer ...

ProxyNation: The dark nexus between proxy apps and malware

August 16, 2023 | Ofer Caspi

Executive summary LevelBlue Labs researchers recently discovered a massive ...

SeroXen RAT for sale

May 30, 2023 | Fernando Martinez

This blog was jointly written with Alejandro Prada and Ofer Caspi.

BlackGuard stealer extends its capabilities in new variant

March 23, 2023 | Ofer Caspi

LevelBlue Labs researchers have discovered a new variant of BlackGuard stealer ...

Shikitega - New stealthy malware targeting Linux

September 06, 2022 | Ofer Caspi

Executive summary LevelBlue Labs has discovered a new malware targeting ...

BotenaGo strikes again - malware source code uploaded to GitHub

January 26, 2022 | Ofer Caspi

Executive summary In November 2021, LevelBlue Labs™ first published research on ...

TeamTNT delivers malware with new detection evasion tool

January 27, 2021 | Ofer Caspi

Executive Summary LevelBlue Labs™ has identified a new tool from the TeamTNT ...

Sharepoint vulnerability exploited in the wild

March 26, 2020 | Chris Doman

The CVE-2019-0604 (Sharepoint) exploit and what you need to know LevelBlue Labs ...

Technical Analysis of an Active Cryptomining Worm by LevelBlue Labs

January 09, 2020 | Fernando Dominguez

This blog post provides an overview of the LevelBlue Labs™ technical analysis ...

Reversing Gh0stRAT part 2: the DDOS-ening

May 02, 2019 | James Quinn

This is a guest post by James Quinn, a SOC analyst from Binary Defense.

The odd case of a Gh0stRAT variant

March 25, 2019 | James Quinn

This is a guest post by independent security researcher James Quinn. This will ...