TeamTNT delivers malware with new detection evasion tool

January 27, 2021 | Ofer Caspi

Ofer is a Security Researcher at Alien Labs, part of AT&T Cybersecurity. He can be found on LinkedIn and Twitter (@ShablolForce).

January 27, 2021 | Ofer Caspi

TeamTNT delivers malware with new detection evasion tool

Executive Summary: AT&T Alien Labs™ has identified a new tool from the TeamTNT adversary group, which has been previously observed targeting exposed Docker infrastructure for cryptocurrency mining purposes and credential theft. The group is using a new detection evasion tool, copied from open source repositories. The purpose of this blog is to share new technical intelligence…

January 7, 2021 | Ofer Caspi

Malware using new Ezuri memory loader

This blog was written by Ofer Caspi and Fernando Martinez of AT&T Alien Labs. Multiple threat actors have recently started using a Go language (Golang) tool to act as a packer and avoid antivirus detection. Additionally, the Ezuri memory loader tool acts as a malware loader and executes its payload in memory, without writing the file to disk.…