
On the Hunt for Ghost(Socks)
LummaC2’s link to GhostSocks reveals stealthy proxy access, long-term persistence, and advanced evasion—posing a serious threat to enterprise defenses.
Discover how LummaC2 has evolved with new stealth tactics, enhanced theft capabilities & novel evasion techniques in our latest SpyCloud Labs analysis.
See how cybercriminals are bypassing Google Chrome’s App-Bound Encryption feature with infostealer malware to steal session cookies that can be used in session hijacking attacks.
SpyCloud Labs dissects the capabilities of the open source Phemedrone Stealer, including log encryption, configuration & victim targeting.
SpyCloud Labs reverse-engineered Atomic macOS Stealer to get a better understanding of its current capabilities and the threat it poses to the security community. Here’s our analysis.
Threat actors are using PPI networks to distribute malware families like LummaC2 and Atomic Stealer. Our researchers analyzed one of them – SpaxMedia – and here’s what we found.
SpyCloud Labs analysts reverse-engineered LummaC2 Stealer and observed notable upgrades and capabilities to its code.