Marcus Hutchins

Posts by Marcus Hutchins

Threat intel | 21 min read
Inside Lazarus: How North Korea uses AI to industrialize attacks on developers

Expel is tracking a North Korean (DPRK) state-sponsored APT group. This group is targeting Web3 developers to steal cryptocurrency and NFTs.

Threat intel | 12 min read
ClearFake gets more evasive with new living off the land (LOTL) techniques

ClearFake's latest campaign uses fake CAPTCHAs and social engineering to trick victims into installing malware, and it's getting more evasive.

Threat intel | 7 min read
Along for the ride: When legitimate software becomes a signed malware loader

Analyzing a highly evasive malware loader that exploits legitimate, signed Greenshot software through DLL sideloading. See our detailed technical analysis.

Threat intel | 6 min read
Cache smuggling: When a picture isn’t a thousand words

We recently observed an innovative campaign using the ClickFix attack tactic for cache smuggling. Here's what you need to know.