Cybercrime

Hamburglars

Episode 1 – The Trigger

The investigation, dubbed "Hamburglars", originated from an incident response activity and a targeted deep-dive conducted by the Cyber Threat Intelligence Team. An Italian company operating in the food service sector had reported anomalies in its systems: an ongoing brute-force attack targeting its customer area. At first, the case appeared to be a typical...

BlueDuck: an(other) Infostealer Coveting Digital Marketing Agencies’ Facebook Business Accounts

Introduction

In November 2023, the Yarix Cyber Threat Intelligence team (YCTI) intercepted a set of suspicious phishing emails that impersonated various famous fashion brands and were addressed to digital marketing agencies. Through the analysis of these emails, we uncovered the activities of a Vietnamese cybercriminal group distributing a malicious Python-based infostealer, tracked as BlueDuck, aimed to...

Win$ton: a Russian-Speaking Scam Group Targeting Middle-Eastern Customers

Introduction

As the Yarix Cyber Threat Intelligence (YCTI) team, we regularly monitor, track and counter phishing websites that aim to steal sensitive user data (e.g., login credentials, phone numbers, credit cards). One of the most challenging aspects of proactively countering and tracking phishing campaigns is hunting and analyzing exposed phishing kits. The analysis of these archives enables...