Blogs & News

Latest news and updates from our security research teams

April 10, 2024

WordPress Website Owners: Beware of Balada

Varist continues to find examples of websites compromised by Balada Injector via unpatched tagDiv WordPress plugins. The Balada Injector gang's long-standing WordPress site infection campaign has been running since 2017…

February 20, 2024

Multi-staged Downloader Leads to Infamous RAT

Brief: Sometime around mid-January we came across an interesting sample lurking around in our honeypot, so we decided to investigate further. The initial payload comes in a Microsoft Cabinet…

February 14, 2024

What Lies Beyond Innocent Looks

Discovery: While hunting for malware we found an interesting JavaScript sample, which appears to be benign and intended to dynamically define some object properties. But is that all there is…

December 1, 2023

A Duck’s Trail

The Footprint: We came across what seems to be a builder, as the filename implies. We also assume that it is already on version 4, based on the string "v4".…

November 29, 2023

The Duck Who Sneaked Through Feeds

Malicious Facebook Ads: Malvertisements are one of many infection vectors that threat actors use. They give threat actors an advantage in piquing the interest of unsuspecting users to fall victim to…

November 22, 2023

Capcut’s Copycat Installs Trojan Stealer

While digging through a malicious document which I was working on earlier this week (SHA256: 1024f399ddef...8151c566), I took interest in a URL flagged as malicious by Varist Hybrid Analyzer as…

November 21, 2023

Considering UX when choosing Malware Detection technology

It has become common practice to consider end user experience when building software or software-as-a-service products. After all, in today's easy-in/easy-out paradigm that has come with cloud applications, it's never…

October 31, 2023

Phishing Hiding Under Google’s .app TLD Targets Northwest Radiology

Varist recently observed a phishing attack targeting a user at Northwest Radiology. Northwest Radiology is quoted as being “…one of the largest physician-owned radiology groups in central Indiana providing specialized…

May 16, 2023

Varist and OPSWAT Announce Partnership Agreement for Malware Protection

Varist, an Icelandic cybersecurity company that recently acquired the operating assets of Cyren’s anti-malware business, is excited to announce its latest partnership with OPSWAT. The agreement highlights OPSWAT’s commitment to…

May 2, 2023

Varist Partners with Eleven to Enhance Protection of Millions of Mailboxes

Varist ehf, a leading anti-malware company whose products are trusted by the largest cloud companies worldwide, announces a significant partnership with German cybersecurity firm eleven cyber security GmbH. This collaboration…

March 13, 2023

Cyren’s Anti-Malware technology acquired by Icelandic IT company OK

Reykjavik, March 13th 2023 OK, a leading IT service company in Iceland, announced today that it has signed an agreement to acquire all operating assets of the Anti-Malware business from…