Executive Summary Qakbot (aka Pinkslipbot, Qbot) has persisted as a banking trojan – then a potent malware/ransomware distribution network – for well over a decade, its origins going back as far as 2007. As a ransomware botnet, Qakbot is usually […]
Executive Summary Just nine months after discovering ZuoRAT – a novel malware targeting small office/home office (SOHO) routers – Lumen Black Lotus Labs® identified another, never-before-seen campaign involving compromised routers. This is a complex campaign we are calling “Hiatus”. It […]
Executive Summary The sophistication of threat actors’ DDoS strategy and tactics continues to evolve rapidly in response to improved mitigation-side efforts. Actors have complicated filtering and firewalling by bringing a more diverse set of vectors to the attack, attacking at […]
Executive Summary The prevalence of malware written in the Go programming language has increased dramatically in recent years due to its flexibility, low antivirus detection rates and the difficulty of reverse-engineering it. Black Lotus Labs, the threat intelligence arm of Lumen Technologies, recently […]
Executive Summary The rapid shift to remote work in spring of 2020 presented a fresh opportunity for threat actors to subvert traditional defense-in-depth protections by targeting the weakest points of the new network perimeter — devices which are routinely purchased […]
Executive Summary Last fall, Black Lotus Labs discovered in the wild what had until then only been theorized: Linux binaries were being used as loaders in Windows Subsystem for Linux (WSL). Since our initial report, Black Lotus Labs continues to […]
What Global Network Visibility Reveals about the Resurgence of One of the World’s Most Notorious Botnets Executive Summary Since its reemergence on Nov. 14, 2021, Black Lotus Labs has once again been tracking Emotet, one of the world’s most prolific […]
Executive Summary Black Lotus Labs, the threat research team of Lumen Technologies, uncovered a series of targeted actions against the Russian Federation’s Ministry of Foreign Affairs (MID). Based upon the totality of information available and the close correlation with prior […]
Executive Summary In April 2016, Microsoft shocked the PC world when it announced the Windows Subsystem for Linux (WSL). WSL is a supplemental feature that runs a Linux image in a near-native environment on Windows, allowing for functionality like command […]
Executive Summary In early June 2021, Black Lotus Labs identified ReverseRat, a remote access trojan (RAT) operated by a suspected Pakistani actor that was targeting government and energy sector organizations in South and Central Asia. After publishing our initial research, […]