Threat Research

    WhatsApp Compromise Leads to Astaroth Deployment

    Researchers are examining an ongoing, multi-stage malware campaign targeting WhatsApp users in Brazil. First detected on September 24, 2025, the operation—identified as STAC3150—uses archive attachments that contain a downloader script responsible for fetching several second-stage components....
    11/21/2025  0
    Read More »

    Astaroth: Banking Trojan Abusing GitHub for Resilience

    Astaroth is a stealthy banking trojan that has evolved to become more resilient by abusing GitHub. Instead of relying solely on traditional command-and-control (C2) servers, it uses GitHub repositories to host malware configurations, allowing it to stay active even when C2 infrastructure is taken down....
    10/13/2025  0
    Read More »
    Looking for Something?
    Threat Research Categories:
    Tags

    Privacy & Security StatementTerms & Conditions
    Copyright © 2026 by Gurucul - All rights reserved.