Blogs & News

Latest news and updates from our security research teams

Blog
September 27, 2024

Guloader: Drops of Goo

TTP: During the past few months, we encountered a handful of RTF and Visual Basic Scripts as attachments in emails. Targets of these crafted emails were Asian and European countries…
News
June 5, 2024

Varist and Iceland Health Announce Partnership Agreement

We are thrilled to announce the partnership between Varist and Iceland Health (Sjúkratryggingar). Iceland Health is the government institution responsible for ensuring the rights of the insured and access to…
News
April 10, 2024

WordPress Website Owners: Beware of Balada

Varist continues to find examples of websites compromised by Balada Injector via unpatched tagDiv WordPress plugins. The long-running WordPress site infection campaign by the Balada Injector gang has been running since 2017…
Blog
February 20, 2024

Multi-staged Downloader Leads to Infamous RAT

Brief: Sometime around mid-January we came across an interesting sample lurking around in our honeypot, so we decided to investigate further. The initial payload comes in a Microsoft Cabinet…
Blog
February 14, 2024

What Lies Beyond Innocent Looks

Discovery: While hunting for malware, we found an interesting JavaScript sample that appears to be benign and intended to dynamically define some object properties. But is that all there is…
Blog
December 1, 2023

A Duck’s Trail

The Footprint: We came across what seems to be a builder, as the filename LnkBotBuilder_v4.zip implies. We also assume that it is already on version 4 via the string "v4".…
Blog
November 29, 2023

The Duck Who Sneaked Through Feeds

Malicious Facebook Ads: Malvertisements are one of many infection vectors that threat actors use. It gives them an advantage to pique the interest of unsuspecting users to fall victim to…
Blog
November 22, 2023

Capcut’s Copycat Installs Trojan Stealer

While digging through a malicious document which I was working on earlier this week (SHA256: 1024f399ddef...8151c566), I took interest in a URL flagged as malicious by Varist Hybrid Analyzer as…
Blog
November 21, 2023

Considering UX when choosing Malware Detection technology

It has become common practice to consider end user experience when building software or software-as-a-service products. After all, in today's easy-in/easy-out paradigm that has come with cloud applications, it's never…
Blog
October 31, 2023

Phishing Hiding Under Google’s .app TLD Targets Northwest Radiology

Varist recently observed a phishing attack targeting a user at Northwest Radiology. Northwest Radiology is quoted as being “…one of the largest physician-owned radiology groups in central Indiana providing specialized…
News
May 16, 2023

Varist and OPSWAT Announce Partnership Agreement for Malware Protection

Varist, an Icelandic cybersecurity company that recently acquired the operating assets of Cyren’s anti-malware business, is excited to announce its latest partnership with OPSWAT. The agreement highlights OPSWAT’s commitment to…
News
May 2, 2023

Varist Partners with Eleven to Enhance Protection of Millions of Mailboxes

Varist ehf, a leading anti-malware company whose products are trusted by the largest cloud companies worldwide, announces a significant partnership with German cybersecurity firm eleven cyber security GmbH. This collaboration…
News
March 13, 2023

Cyren’s Anti-Malware technology acquired by Icelandic IT company OK

Reykjavik, March 13th 2023: OK, a leading IT service company in Iceland, announced today that it has signed an agreement to acquire all operating assets of the Anti-Malware business from…