Threats Tagged 'syscalls'
View all threats tagged with 'syscalls'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'syscalls'
Click on any threat for detailed analysis and mitigation recommendations
Endgame Harvesting: Inside ACRStealer's Modern Infrastructure 0 ACRStealer, a sophisticated Malware as a Service, has evolved with enhanced evasion techniques and C2 communication strategies. It employs low-level syscalls and AFD for stealthy operations, bypassing user-mode hooks. The malware uses layered communication, establishing raw TCP connections followed by SSL/TLS over SSPI. ACRStealer's data-stealing capabilities are extensive, targeting browsers, Steam accounts, and performing victim fingerprinting. It can execute secondary payloads and capture screenshots. The malware shows an active infection pattern in countries like the USA, Mongolia, and Germany, communicating with specific IP addresses and domains. Recent developments indicate a shift to LummaStealer, suggesting ongoing threat actor activities targeting gaming platforms and social media. Join the discussion | AlienVault OTX General | 03/17/2026, 10:55:52 UTC Added: 03/17/2026, 11:27:29 UTC |
Fake Tech Support Delivers Havoc Command & Control 0 A sophisticated cyber attack campaign combines social engineering and advanced malware techniques. Attackers pose as IT support to gain initial access, then deploy a modified version of the Havoc C2 framework. The malware uses DLL sideloading, indirect syscalls, and custom loaders to evade detection. After compromising the initial system, the attackers rapidly move laterally, establishing persistence through scheduled tasks and legitimate remote monitoring tools. The campaign demonstrates a blend of human-centric initial access methods and advanced technical evasion techniques, highlighting the need for comprehensive security measures spanning user awareness and technical controls. Join the discussion | AlienVault OTX General | 03/05/2026, 12:32:01 UTC Added: 03/05/2026, 15:12:13 UTC |
Showing 1 to 2 of 2 results