Unit 42 investigates NexusLogger: a new cloud-based keylogger primarily distributed via phishing emails.
Mo’ key loggers, mo’ problems This past year Unit 42 has seen a resurgence of keylogger activity and it seems like every week a new research blog comes out talking about one of four popular families: KeyBase, iSpy, HawkEye, or PredatorPain. These blogs usually delve into the technical workings of the threats, discuss their relationship to each
Be the first to receive the latest news, cyber threat intelligence and research from Unit 42. Subscribe Now. In June 2015, Unit 42 reported on a keylogger malware family known as KeyBase, which had first appeared in February 2015. The author has since taken down its website and supposedly ceased selling the software, while also
In recent years, there have been a number of high-profile stories involving the compromise of point of sale (PoS) devices. My research often involves deep reverse engineering and analysis of various malware families targeting PoS devices. As such, I’m often asked about the overall threats that these machines face. In this article I hope to
In recent months, our team has been tracking a keylogger malware family named KeyBase that has been in the wild since February 2015. The malware comes equipped with a variety of features and can be purchased for $50 directly from the author. It has been deployed in attacks against organizations across many industries and is