Aleksandar Milenkoski, Author at SentinelOne

Transparent Tribe (APT36) | Pakistan-Aligned Threat Actor Expands Interest in Indian Education Sector

Aleksandar Milenkoski / April 13, 2023

SentinelLABS has been tracking a cluster of malicious documents that stage the Crimson RAT malware distributed by APT36 (Transparent Tribe).

Operation Tainted Love Chinese APTs Target Telcos In New Attacks 4

labs

Advanced Persistent Threat

Operation Tainted Love | Chinese APTs Target Telcos in New Attacks

Aleksandar Milenkoski / March 23, 2023

Cyber espionage actor deploys custom credential theft malware in new campaign targeting the telecoms sector.

sentinelone

DBatLoader and Remcos RAT Sweep Eastern Europe

From the Front Lines | 7 minute read

WIP26 Espionage | Threat Actors Abuse Cloud Infrastructure in Targeted Telco Attacks

Aleksandar Milenkoski / February 16, 2023

A new threat cluster has been targeting telecommunication providers in the Middle East and abusing Microsoft, Google and Dropbox cloud services.

MalVirt .NET Virtualization Thrives In New Malvertising Attacks 3

labs

Crimeware

MalVirt | .NET Virtualization Thrives in Malvertising Attacks

Aleksandar Milenkoski / February 2, 2023

.NET malware loaders distributed through malvertising are using obfuscated virtualization for anti-analysis and evasion in an ongoing campaign.

DragonSpark Attacks Evade Detection With SparkRAT And Golang Source Code Interpretation 1

labs

Adversary

DragonSpark | Attacks Evade Detection with SparkRAT and Golang Source Code Interpretation

Aleksandar Milenkoski / January 24, 2023

A cluster of attacks SentinelLABS tracks as DragonSpark uses a novel technique, Golang source code interpretation, to avoid detection while also deploying a little-known tool called SparkRAT.

11 Problems ChatGPT Can Solve For Reverse Engineers And Malware Analysts 1

labs

Security Research

11 Problems ChatGPT Can Solve For Reverse Engineers and Malware Analysts

Aleksandar Milenkoski / December 21, 2022

ChatGPT has captured the imagination of many across infosec. Here's how it can superpower the efforts of reversers and malware analysts.

The Mystery Of Metador An Unattributed Threat Hiding In Telcos ISPs And Universities 3

labs

Advanced Persistent Threat

The Mystery of Metador | Unpicking Mafalda’s Anti-Analysis Techniques

Aleksandar Milenkoski / December 1, 2022

Discover the anti-analysis techniques of the Mafalda implant, a unique, feature-rich backdoor used by the Metador threat actor.

SocGholish Diversifies And Expands Its Malware Staging Infrastructure To Counter Defenders 2

labs

Crimeware

SocGholish Diversifies and Expands Its Malware Staging Infrastructure to Counter Defenders

Aleksandar Milenkoski / November 7, 2022

SocGholish operators continue to infect websites at a massive scale, and the threat actor is ramping up its infrastructure to match.

sentinelone

Ransoms Without Ransomware, Data Corruption and Other New Tactics in Cyber Extortion

From the Front Lines | 8 minute read