Hancitor – Inside a Malware Campaign (Updated)

What is Hancitor (in short)? Hancitor (AKA Chanitor) is a malware that uses Microsoft Office documents with macros to download malicious payloads like Pony, Vawtrak and other trojans/stealers/ransomware. Recently Hancitor ...

Join the Navy – Is it really easy to hack a boat?

Introduction After the publication of the Ship Tracker (data powered by Shodan), Lutech Cyber Threat Intelligence team, with the help of Lutech ThreatOculus™ (also known as Lutech TMS for Cyber ...

Malware Analysis with real time IOC feed ( EoT ) and private sources

Introduction Lutech Cyber Threat Intelligence team, with the help of Lutech EyeOnThreat™  and his own private infrastructure, identified an attack from a Chinese IP address and performed an analysis about ...

The TaxOlolo Affair – A Prequel and a Sequel

Why this article? Some news have been published recently about a “new” malspam campaign targetting italian users, such as these two: http://www.certego.net/en/news/new-spam-delivering-infostealer/ https://marcoramilli.blogspot.it/2018/01/huge-botnet-attacking-italian-companies.html In this campaign, the attackers are sending ...

Carding – Tecniche di vendita: evoluzioni recenti e future

Questa analisi è stata inserita nel REPORT CLUSIT 2018 – https://clusit.it/rapporto-clusit/ Introduzione Il presente report redatto dal Team di Cyber Threat Intelligence di Lutech, ha lo scopo di presentare lo ...

Carding – Scenario ed evoluzione dei canali di vendita

Questa analisi è stata inserita nel REPORT CLUSIT 2019 – https://clusit.it/rapporto-clusit/ Introduzione Il presente report redatto dal Team di Cyber Threat Intelligence di Lutech, ha lo scopo di presentare lo ...