ANY.RUN Shares Technical Analysis on HawkEye Keylogger Malware and Its Attacks
DUBAI, DUBAI, UNITED ARAB EMIRATES, November 13, 2024 /EINPresswire.com/ -- ANY.RUN, a leading provider of interactive malware analysis and threat intelligence solutions, released a detailed report on the HawkEye malware, also known as PredatorPain. The research provides critical insights into the malware's evolution, delivery methods, technical behavior, and advanced functionalities.
About HawkEye Keylogger
HawkEye emerged before 2010 and gained significant popularity through spearphishing campaigns starting in 2013. The malware has been widely distributed on dark web sites and has been cracked, allowing widespread use by various actors. It saw a resurgence during the COVID-19 pandemic.
HawkEye has evolved from a simple keylogger into a sophisticated stealer with capabilities such as credential and wallet theft, screenshot capture, and security software detection.
HawkEye is also commonly used in conjunction with other malware like Remcos and Pony.
Main Research Findings
The report goes into depth on the technical aspects of HawkEye attacks, which mostly follow the same pattern:
· The malware drops multiple copies of itself in temporary directories and injects code into legitimate software processes to avoid detection.
· It establishes persistence through registry keys and task scheduling, using obfuscation techniques to hide its persistence mechanisms.
· HawkEye collects a wide range of data, including keystrokes, clipboard data, system information, and credentials.
· It uses various methods for information exfiltration, including FTP, HTTP, and SMTP.
Read the full report on ANY.RUN's blog.
About ANY.RUN
ANY.RUN serves over 500,000 cybersecurity professionals globally, offering an interactive platform for malware analysis targeting Windows and Linux environments. With advanced threat intelligence tools such as TI Lookup, YARA Search, and Feeds, ANY.RUN enhances incident response and provides analysts with essential data to counter cyber threats effectively.
The ANY.RUN team
ANYRUN FZCO
+1 657-366-5050