Threat Research

    The intrusion started with a JavaScript file linked to the Lunar Spider group, disguised as a tax form, which downloaded and executed Brute Ratel via an MSI installer. Throughout the attack, various malware strains were deployed, including Latrodectus, Brute Ratel C4, Cobalt Strike, BackConnect, and a custom .NET backdoor....
    This article provides hunting tips and mitigation strategies for ClickFix campaigns, along with insights into major 2025 incidents. Notable cases include NetSupport RAT with a new loader, Latrodectus malware using ClickFix lures, and widespread Lumma Stealer activity....