Jose Manuel Martin | AlienVault Blogs

Off-the-shelf RATs Targeting Pakistan

August 1, 2018 | Jose Manuel Martin
Jose Manuel Martin

Jose Manuel Martin

Jose is a Security Researcher and a part of the AlienVault Labs team. His interest in development led Jose to work as an Application Security Engineer and Scrum Master in the past. Nowadays he enjoys watching old-fashioned movies, researching threat models, and finding new mechanisms to detect malware. Also, he is an enthusiast of information theory and physics.

August 1, 2018 | Jose Manuel Martin

Off-the-shelf RATs Targeting Pakistan

IntroductionWe’ve identified a number of spear phishing campaigns with Pakistani themed documents, likely targeting the region. These spear phishing emails use a mix of different openly available malware and document exploits for delivery. These are served from the compromised domains www.serrurier-secours[.]be and careers.fwo.com[.]pk (a part of the Pakistani army). There are some…

June 20, 2018 | Jose Manuel Martin

GZipDe: An Encrypted Downloader Serving Metasploit

At the end of May a Middle Eastern news network published an article about the next Shanghai Cooperation Organization Summit. A week ago, AlienVault Labs detected a new malicious document targeting the area. It uses a piece of text taken from the report as a decoy:This is the first step of a multistage infection in which several servers and…

Watch a Demo ›
GET PRICE FREE TRIAL