HawkEye keylogger

HawkEye keylogger is a formidable trojan known for stealthily stealing vital data from your computer. This malware collaborates with others to snatch passwords from email clients and browsers, making it a potent threat. It spreads through malspam campaigns, targeting business users to compromise accounts and extract sensitive data for malicious purposes.

Recent campaigns used spam servers in Estonia, disguising emails as messages from Spanish banks. They distributed HawkEye Reborn v8.0 and v9.0 through deceptive attachments resembling commercial invoices. When opened, these attachments secretly install Hawkeye while distracting victims with the invoice image.

To infect victims, Hawkeye employs mshta.exe dropped by PhotoViewer, leveraging PowerShell to connect with a command-and-control server for further malware. It ensures persistence with gvg.exe in the Windows Registry, automatically restarting with each boot.

Protect against this threat with a Security Information and Event Management (SIEM) solution, offering constant device monitoring and real-time threat detection, fortifying your defenses against the Hawkeye Keylogger's menace. Watch the video to learn more—three minutes is all it takes!

  • &nsbp;

    Conti ransomeware

    Conti is a ransomware-as-a-service affiliate program associated with...

    3.00

     
  • &nsbp;

    Apache Log4j vulnerability

    Logging is a fundamental feature of software. A flaw in Log4j...

    3.00

     
  • &nsbp;

    US government probes...

    On April 29, 2022, the United States government...

    3.00

     
  • &nsbp;

    Qakbot malware

    First discovered in 2007, Qakbot is widespread malware used for stealing information...

    3.00

     
  • &nsbp;

    Emotet malware

    Originally developed as a banking trojan in 2014, Emotet malware was...

    3.00

     
  • &nsbp;

    Cobalt Strike

    Created in 2012 by Raphael Mudge, Cobalt Strike is a remote...

    3.00

     
  • &nsbp;

    Mimikatz

    Mimikatz is an open source application that allows users to view and save...

    3.00

     
  • &nsbp;

    REvil Ransomware

    Belonging to the Cryptomix ransomware family, Clop ransomware...

    3.00

     
  • &nsbp;

    TrickBot

    Originally designed by a group of sophisticated cybercriminals as a banking...

    3.00

     
  • &nsbp;

    Colonial Pipeline attack

    Colonial Pipeline, a jet fuel and gasoline provider for the eastern United...

    3.00

     
  • &nsbp;

    Clop ransomware

    A California-based information security and compliance firm, Qualys,...

    3.00

     
  • &nsbp;

    Mirai malware

    Mirai malware infects devices that run on the ARC processor, turning...

    3.00

     
  • &nsbp;

    IcedID Malware

    IcedID, aka BokBot, is a banking trojan-type malware that can be used...

    3.00

     
  • &nsbp;

    SocGholish

    SocGholish is an initial access threat that uses drive-by-downloads that...

    3.00

     
  • &nsbp;

    Agent Tesla

    First discovered in 2014, Agent Tesla is an advanced Remote Access...

    3.00

     
  • &nsbp;

    Shlayer Malware

    First discovered in 2018, Shlayer malware has become one of the most...

    3.00

     
  • &nsbp;

    Gameover Zeus

    Identified in September 2011, GameOver Zeus is a peer-to-peer (P2P) variant...

    3.00

     
  • &nsbp;

    LokiBot

    First discovered in 2016, LokiBot is infostealing malware that...

    3.00

     
  • &nsbp;

    NanoCore

    Sold in underground forums, the NanoCore remote access Trojan...

    3.00

     
  • &nsbp;

    Man-in-the-middle attacks

    Man-in-the-middle (MitM) attacks take place...

    3.00

     
  • &nsbp;

    GandCrab ransomware

    GandCrab ransomware encrypts victims files...

    3.00

     
  • &nsbp;

    FormBook malware

    FormBook is an infostealer malware that steals...

    3.00

     
  • &nsbp;

    Shamoon virus

    Shamoon is a dangerous malware program used in...

    3.00

     
  • &nsbp;

    Lapsus ransomware

    Lapsus is a hacking group that gained noto...

    3.00

     
  • &nsbp;

    njRAT trojan

    The njRAT, also known as Bladabindi, is...

    3.00

     
  • &nsbp;

    Phorpiex botnet

    The Phorpiex Botnet, initially a worm...

    3.00

     
  • &nsbp;

    Teslacrypt

    TeslaCrypt is a ransomware variant...

    3.00

     

Get the latest content delivered
right to your inbox!

Thank you for subscribing.

You will receive regular updates on the latest news on cybersecurity.

  • Please enter a business email id
  • US
  • By clicking on Keep me Updated you agree to processing of personal data according to the Privacy Policy.

© 2024 Zoho Corporation Pvt. Ltd. All rights reserved.

Back to Top