Vladislav Hrčka – CyberSecurity Confabulation

WinorDLL64: A backdoor from the vast Lazarus arsenal?

The targeted region, and overlap in behavior and code, suggest the tool is used by the infamous North Korea-aligned APT group

The post WinorDLL64: A backdoor from the vast Lazarus arsenal? appeared first on WeLiveSecurity

You never walk alone: The SideWalk backdoor gets a Linux variant

Posted 2 years ago by Vladislav Hrčka

ESET researchers have uncovered another tool in the already extensive arsenal of the SparklingGoblin APT group: a Linux variant of the SideWalk backdoor

The post You never walk alone: The SideWalk backdoor gets a Linux variant appeared first on WeLiveSecurity

Under the hood of Wslink’s multilayered virtual machine

Posted 3 years ago by Vladislav Hrčka

ESET researchers describe the structure of the virtual machine used in samples of Wslink and suggest a possible approach to see through its obfuscation techniques

The post Under the hood of Wslink’s multilayered virtual machine appeared first on WeLiveSecurity