fbpx

Uncategorized

hancitor

Hancitor distributed through coronavirus-themed malspam

Introduction The criminal group behind Hancitor malware has been quiet during the past few weeks.  For the past year or so, this group has stuck with DocuSign-themed malspam to distribute Hancitor (like this example from January 2020).  However, today @mesa_matt reported a new wave of Hancitor malspam using a coronavirus theme.  Today’s diary reviews two quick infection runs using information …

Hancitor distributed through coronavirus-themed malspam Read More »