Nov 16, 2021Android Trojan Targeting Korean Demographic using GitHub for C2Key Summary — Threat Actor(s) of possible Chinese speaking origin have created malicious Android APKs to target customers of South Korean financial institutions with the go of credentials theft but also spying on other phone activities including SMS interception. The primary C2 communication protocol utilized Base64 + AES encrypted strings hosted on two…Cybercrime6 min readCybercrime6 min read
Oct 20, 2021TM Follow-Up (TAG_APT35_14/10/21)The purpose of these entries is to enrich provided IOCs, provide information discovered by our analysts (in some cases this will be new information not shared in the initial report) and provide a springboard for more analysis/research possibilities. ThreatMiner is going to be doing these more regularly going forward. Stay…Android3 min readAndroid3 min read
Mar 5, 2019Latest Updates: 2019–03–05Dear reader, First of all, thank you so much for using ThreatMiner and apologies for the slow progress on adding new features and bug fixes. New Features We are very excited to announce two new features added to ThreatMiner today, both of which were suggested by @bartblaze: IOC defang operators…Cybersecurity2 min readCybersecurity2 min read
May 28, 2018Latest Updates: 2018–05–28Dear reader, First of all, thank you so much for using ThreatMiner. There is nothing more rewarding than seeing people finding ThreatMiner useful. As you may know, May 25th 2018 was the day the EU GDPR Directive came into power and ThreatMiner is no exception. …Cybersecurity2 min readCybersecurity2 min read
