Sign1 Malware: Analysis, Campaign History & Indicators of Compromise
A new client recently came to us reporting seemingly random pop ups occurring on their website. While it was clear that there was something amiss with the website it was difficult to reproduce the issue. However, by inspecting our server side scanner logs we were able to locate the source of the unwanted behavior — and it turned out to be a remarkably interesting JavaScript injection related to a massive malware campaign that we internally call Sign1.
Read more: Sign1 Malware: Analysis, Campaign History & Indicators of Compromise
Story added 20. March 2024, content source with full text you can find at link above.