Uncovering New Activity By APT10

Malware, APT, enSilo Breaking Malware, APT10, Threat Intelligence

In April 2019, enSilo detected what it believes to be new activity by Chinese cyber espionage group APT10. The variants discovered by enSilo are previously unknown and deploy malware that is unique to the threat actor. These malware families have a rich history of being used in many targeted attacks against government and

Moker, Part 2: Capabilities

Windows, Web Malware, Malware, APT, Moker, RAT, enSilo Breaking Malware

A few days ago, we published a blog entry on an advanced malware called Moker and discussed the different techniques Moker uses to evade detection and resist dissection, as part of enSilo’s continuing improvement of our endpoint security software.

Now that we have the stripped down malware sample, it’s time to analyze the actual malware.

Moker: A new APT discovered within a sensitive network

Research, Windows, Malware, APT, Moker, RAT, enSilo Corporate and Product

Recently, enSilo found an Advanced Persistent Threat (APT) residing in a sensitive network of a customer. This APT appears to be a Remote Access Trojan (RAT) that is capable of taking complete control of the victim’s computer. To date, this APT is unknown and does not appear in VirusTotal. Moker was the file description that the malware author

Moker, Part 1: Dissecting a New APT Under the Microscope

Windows, Web Malware, Malware, APT, Moker, RAT, enSilo Breaking Malware

Recently, we came across Moker, an advanced malware residing in a sensitive network of a customer. Since the malware did not try to access an external server, but rather tampered with the system’s inner workings, we decided to give this malware a second look. (This kind of work is part of developing complete endpoint security software.)