Quantize or Capitalize

Last year, Forcepoint Security Labs blogged about the Quant Loader – a Trojan downloader previously seen being used to distribute Locky and Pony. 

We recently came across an active Quant Loader administration panel hosted on a freshly registered domain which was also hosting a number of additional malware samples. At first glance everything seemed to be business as usual, but once the initial investigation was completed it became evident that some additional ‘features’ had been added…

Trickbot Goes After Cryptocurrency

Forcepoint Security Labs have encountered an ongoing Trickbot campaign that appears to target crypto-currencies. Trickbot is a banking Trojan that is traditionally known to target financial institutions. Recently, we have observed Trickbot targeting PayPal and expanding its list of target institutions to include those from Nordic countries.

Today’s campaign uses Canadian Imperial Bank of Commerce (CIBC) as a social engineering lure and targets Coinbase, a digital assets exchange site.

Bitcoin & Other Cryptocurrencies

For many, ‘virtual’ currencies such as Bitcoin remain a mystery primarily associated with online criminals, despite no longer being far removed from the monetary system and transactions we’re used to.

This article is intended to serve as a primer, rather than one of our more usual technical analyses: cryptocurrencies continue to play a key role in many areas of cyber-crime, being used for everything from online marketplace transactions to ransomware demands. However, with a number of legitimate organisations ranging from the Bank of England to EY also taking an interest in cryptocurrencies and the technologies behind them, it’s worth being informed.

Dridex in the Shadows - Blacklisting, Stealth, and Crypto-Currency

Dridex has drastically reduced in volume throughout 2016. Actors now appear to prefer crypto-ransomware such as Locky over the infamous banking trojan. However, Dridex is still being actively developed. Here at Forcepoint Security Labs we have seen a number of changes and improvements over the last few months.