G2 Logo

Trouble Brewing - Dissecting a fake homebrew update that stole user data

By Oliver Simonnet, Lead Cyber Security Researcher at CultureAI

Table of contents

  • Preamble
  • Malvertising - Effective and on the rise
  • Looking at the install command
  • Reverse engineering the payload
  • Reversing the decoding function:
  • Reversing the decryption function
  • Decoding the second stage payload:
  • Conclusion
  • Indicators of Compromise (IoCs)
  • References
Oliver Simonnet avatar

Oliver Simonnet

Lead Security Researcher

10 March 20258 min read
Share:

Recommended for you

[object Object]

AI Myths Exposing the Governance Gap

CultureAI commissioned an independent research study of 300 senior technology, security, and risk leaders across North A...

[object Object]

5 Themes From a Candid Discussion

Eskenzi's IT Analyst & CISO Forum wasn’t a typical vendor event. No polished decks. No rehearsed narratives. Just operat...

[object Object]

AI Adoption Surging in Financial Services — But Control Lagging

Artificial intelligence is moving rapidly from experimentation into everyday use across financial services. While many f...