https://threatchain.io/blog Malware analysis, CVE breakdowns, and threat intelligence from ThreatChain — decentralizing security. en-us Fri, 17 Apr 2026 08:05:01 +0000 https://threatchain.io/vidar-sample-detected-file-d6446f28 https://threatchain.io/vidar-sample-detected-file-d6446f28 Thu, 16 Apr 2026 19:16:20 +0000 A new Vidar sample was identified by threat intelligence feeds on 2026-04-16 15:05:16. This post breaks down what we know about the specific sample, how to r... https://threatchain.io/remcosrat-sample-detected-preinterest-exe-4a2bc726 https://threatchain.io/remcosrat-sample-detected-preinterest-exe-4a2bc726 Thu, 16 Apr 2026 11:16:25 +0000 A new RemcosRAT sample was identified by threat intelligence feeds on 2026-04-16 09:06:52. This post breaks down what we know about the specific sample, how ... https://threatchain.io/dattormm-sample-detected-trueview-exe-f58cb609 https://threatchain.io/dattormm-sample-detected-trueview-exe-f58cb609 Wed, 15 Apr 2026 19:15:57 +0000 A new DattoRMM sample was identified by threat intelligence feeds on 2026-04-15 17:40:48. This post breaks down what we know about the specific sample, how t... https://threatchain.io/santastealer-sample-detected-file-44bf32bd https://threatchain.io/santastealer-sample-detected-file-44bf32bd Wed, 15 Apr 2026 11:15:26 +0000 A new SantaStealer sample was identified by threat intelligence feeds on 2026-04-15 10:05:11. This post breaks down what we know about the specific sample, h... https://threatchain.io/discordrat-sample-detected-redtiger-tools-main-2-0-exe-dbdeed30 https://threatchain.io/discordrat-sample-detected-redtiger-tools-main-2-0-exe-dbdeed30 Tue, 14 Apr 2026 19:15:55 +0000 A new DiscordRAT sample was identified by threat intelligence feeds on 2026-04-14 17:12:58. This post breaks down what we know about the specific sample, how... https://threatchain.io/smoke-loader-sample-detected-file-54731e0a https://threatchain.io/smoke-loader-sample-detected-file-54731e0a Tue, 14 Apr 2026 11:15:25 +0000 A new Smoke Loader sample was identified by threat intelligence feeds on 2026-04-14 09:34:55. This post breaks down what we know about the specific sample, h... https://threatchain.io/ratonrat-sample-detected-xxx-exe-decadae3 https://threatchain.io/ratonrat-sample-detected-xxx-exe-decadae3 Mon, 13 Apr 2026 19:16:07 +0000 A new RatonRAT sample was identified by threat intelligence feeds on 2026-04-13 18:36:53. This post breaks down what we know about the specific sample, how t... https://threatchain.io/offloader-sample-detected-file-6fb87b85 https://threatchain.io/offloader-sample-detected-file-6fb87b85 Mon, 13 Apr 2026 11:16:09 +0000 A new OffLoader sample was identified by threat intelligence feeds on 2026-04-13 09:51:26. This post breaks down what we know about the specific sample, how ... https://threatchain.io/salatstealer-sample-detected-file-bc0caae0 https://threatchain.io/salatstealer-sample-detected-file-bc0caae0 Sun, 12 Apr 2026 19:15:44 +0000 A new SalatStealer sample was identified by threat intelligence feeds on 2026-04-12 17:11:02. This post breaks down what we know about the specific sample, h... https://threatchain.io/rustystealer-sample-detected-file-f9ec3083 https://threatchain.io/rustystealer-sample-detected-file-f9ec3083 Sun, 12 Apr 2026 11:15:51 +0000 A new RustyStealer sample was identified by threat intelligence feeds on 2026-04-12 05:47:37. This post breaks down what we know about the specific sample, h... https://threatchain.io/mirai-sample-detected-ciubuc-ppc-251103e7 https://threatchain.io/mirai-sample-detected-ciubuc-ppc-251103e7 Sat, 11 Apr 2026 19:15:17 +0000 A new Mirai sample was identified by threat intelligence feeds on 2026-04-11 17:39:16. This post breaks down what we know about the specific sample, how to r... https://threatchain.io/expiro-sample-detected-file-496a17a7 https://threatchain.io/expiro-sample-detected-file-496a17a7 Sat, 11 Apr 2026 11:16:05 +0000 A new Expiro sample was identified by threat intelligence feeds on 2026-04-11 09:17:40. This post breaks down what we know about the specific sample, how to ... https://threatchain.io/cve-2026-39337-church-management-software-flaw-gives-attackers-complete-server-c-39435d2c https://threatchain.io/cve-2026-39337-church-management-software-flaw-gives-attackers-complete-server-c-39435d2c Wed, 08 Apr 2026 00:41:04 +0000 If you're running ChurchCRM to manage your congregation's data, you need to act now. A critical vulnerability allows attackers to take complete control of yo... https://threatchain.io/asyncrat-the-silent-spy-that-gives-attackers-full-control-of-your-computer-4c3b97c1 https://threatchain.io/asyncrat-the-silent-spy-that-gives-attackers-full-control-of-your-computer-4c3b97c1 Wed, 08 Apr 2026 00:40:17 +0000 Picture this: you download what looks like a normal program — maybe a cracked utility, a PDF someone emailed you, or an update that popped up at just the rig... https://threatchain.io/boatnet-mirai-lzrd-botnet-2026 https://threatchain.io/boatnet-mirai-lzrd-botnet-2026 Tue, 07 Apr 2026 22:54:13 +0000 Breaking: New Mirai botnet variant 'Boatnet' (LZRD) actively targeting IoT devices worldwide. Full technical analysis of CVE-2024-6047 and CVE-2024-11120 exploitation. https://threatchain.io/how-to-check-if-file-is-malware https://threatchain.io/how-to-check-if-file-is-malware Tue, 07 Apr 2026 22:54:13 +0000 Learn how to check if a file is malware using free hash-based detection, VirusTotal, and ThreatChain. Step-by-step guide for Windows, Mac, and Linux with SHA256 commands. https://threatchain.io/that-fake-purchase-order-in-your-inbox-it-might-be-formbook-stealing-every-keyst-af3f5610 https://threatchain.io/that-fake-purchase-order-in-your-inbox-it-might-be-formbook-stealing-every-keyst-af3f5610 Tue, 07 Apr 2026 22:54:13 +0000 Imagine you work at a mid-sized company. It's a Tuesday morning. You open your email and see a message with the subject line "PO-000806758" — a purchase orde... https://threatchain.io/vidar-the-silent-thief-hiding-inside-that-free-software-download-6d557467 https://threatchain.io/vidar-the-silent-thief-hiding-inside-that-free-software-download-6d557467 Tue, 07 Apr 2026 22:54:13 +0000 Last Tuesday, a freelance graphic designer in Ohio downloaded what she thought was a cracked version of a popular video editing tool. Within 90 seconds — bef... https://threatchain.io/biggest-crypto-hacks-2026 https://threatchain.io/biggest-crypto-hacks-2026 Tue, 07 Apr 2026 22:54:13 +0000 A breakdown of the biggest crypto hacks and DeFi exploits of 2025-2026. What happened, how each attack worked, and how to check if your funds were affected. https://threatchain.io/weekly-threat-report-2026-04-05 https://threatchain.io/weekly-threat-report-2026-04-05 Tue, 07 Apr 2026 22:54:13 +0000 Weekly threat intelligence roundup from ThreatChain Research. Critical CVEs, malware trends, and actionable patches for the week. https://threatchain.io/dcrat-the-cheap-dangerous-malware-that-lets-anyone-spy-on-your-computer-for-5-ecbbd254 https://threatchain.io/dcrat-the-cheap-dangerous-malware-that-lets-anyone-spy-on-your-computer-for-5-ecbbd254 Tue, 07 Apr 2026 22:54:13 +0000 Picture this: you download what looks like a normal program — maybe a game crack, a free tool, or a file that came attached to a convincing email. Nothing se... https://threatchain.io/redline-stealer-the-password-thief-hiding-in-a-98-kilobyte-file-31c17f9d https://threatchain.io/redline-stealer-the-password-thief-hiding-in-a-98-kilobyte-file-31c17f9d Tue, 07 Apr 2026 22:54:13 +0000 In-depth threat intelligence analysis of RedLineStealer malware. Full IOCs, attack chain, and defensive recommendations. https://threatchain.io/inside-offloader-a-gcleaner-dropped-payload-slipping-past-95-of-av-engines-9a5616c7 https://threatchain.io/inside-offloader-a-gcleaner-dropped-payload-slipping-past-95-of-av-engines-9a5616c7 Tue, 07 Apr 2026 22:54:13 +0000 In-depth threat intelligence analysis of OffLoader malware. Full IOCs, attack chain, and defensive recommendations. https://threatchain.io/acrstealer-the-hidden-threat-disguised-as-a-google-verification-file-de5691a0 https://threatchain.io/acrstealer-the-hidden-threat-disguised-as-a-google-verification-file-de5691a0 Tue, 07 Apr 2026 22:54:13 +0000 Picture this: you're a freelance designer, and a client sends over what looks like a Google verification plugin. The file name even says "verificationgoogle.... https://threatchain.io/cve-2026-34208-javascript-sandbox-library-can-t-keep-attackers-out-81071546 https://threatchain.io/cve-2026-34208-javascript-sandbox-library-can-t-keep-attackers-out-81071546 Tue, 07 Apr 2026 22:54:13 +0000 CVSS Score: 10.0 (CRITICAL) If your application uses SandboxJS to run untrusted JavaScript code safely, you need to patch immediately. A critical vulnerabil... https://threatchain.io/is-this-crypto-wallet-a-scam https://threatchain.io/is-this-crypto-wallet-a-scam Tue, 07 Apr 2026 22:54:13 +0000 Learn how to check if a crypto wallet address is a scam. Step-by-step guide using Etherscan, ScamSniffer, and ThreatChain's database of 2,530 known scam wallets. https://threatchain.io/claude-code-source-leak-how-one-packaging-mistake-created-a-hacker-feeding-frenz-claude-c https://threatchain.io/claude-code-source-leak-how-one-packaging-mistake-created-a-hacker-feeding-frenz-claude-c Tue, 07 Apr 2026 22:54:13 +0000 Imagine accidentally dropping your house keys in a crowded mall – and within hours, those keys have been duplicated and distributed to every pickpocket in th... https://threatchain.io/that-payment-wire-email-attachment-it-s-a-trojan-wearing-trusted-software-as-a-d-5bbb1e4d https://threatchain.io/that-payment-wire-email-attachment-it-s-a-trojan-wearing-trusted-software-as-a-d-5bbb1e4d Tue, 07 Apr 2026 22:54:13 +0000 Picture this: It's a Monday morning. You're the office manager at a mid-size company in Stockholm, plowing through emails. One catches your eye — the subject... https://threatchain.io/your-computer-could-be-mining-cryptocurrency-for-strangers-right-now-here-s-how--c26af9d1 https://threatchain.io/your-computer-could-be-mining-cryptocurrency-for-strangers-right-now-here-s-how--c26af9d1 Tue, 07 Apr 2026 22:54:13 +0000 In-depth threat intelligence analysis of CoinMiner malware. Full IOCs, attack chain, and defensive recommendations. https://threatchain.io/why-your-router-might-be-quietly-attacking-websites-right-now-and-you-d-never-kn-e599ce2e https://threatchain.io/why-your-router-might-be-quietly-attacking-websites-right-now-and-you-d-never-kn-e599ce2e Tue, 07 Apr 2026 22:54:13 +0000 In-depth threat intelligence analysis of Mirai malware. Full IOCs, attack chain, and defensive recommendations.