Browsing category

Malware

Malvertising Campaign on Adult Sites Spreads Ramnit Trojan

Security researchers from Malwarebytes have discovered a new malvertising campaign targeting visitors of several adult websites, spreading the Ramnit trojan and focusing on users from Canada and the UK. According to the security firm, the malicious ads included in this malvertising campaign belonged to advertising network ExoClick, who was notified and promptly identified and terminated […]

Most Industrial Control Systems Get Infected with Malware by Accident

The vast majority of malware incidents that take place at industrial facilities around the world are just accidental infections, although a very small number of targeted attacks have also been detected. This is the conclusion of a study carried out by researchers from cybersecurity firm Dragos, who took a look at over 500,000 reported cyber […]

Chinese Crooks Use Fake Cellular Telephony Towers to Spread Android Malware

Malware authors in China are using fake base transceiver stations (BTSs), which is equipment usually installed on cellular telephone towers, to send spoofed SMS messages that contain links to Android malware. This is the first ever reported case when malware authors have used base stations to spread malware, a trend that Avast predicted in 2014, […]

New LLTP Ransomware Appears to be a Rewritten Venus Locker

A new ransomware called LLTP Ransomware or LLTP Locker, which targets Spanish-speaking victims, was discovered today by MalwareHunterTeam. On a closer look, this ransomware appears to be a rewritten version of the VenusLocker ransomware. In summary, the LLTP Ransomware has the ability to work in online or offline mode. So regardless of whether there is a connection to […]

The Polski-Vortex-Flotera Ransomware Connection

A malware author who loves Polish hip hop music appears to be behind the Polski, Vortex, and Flotera (spelled Ŧl๏tєгค) ransomware families that have claimed a small number of victims between January and March this year. All three ransomware families are related, and one evolved from the other. First on the scene was the Polski […]

Chinese PUPs distributing Backdoored Drivers which affect Windows operating system

PUP (potentially unwanted program) packages that install along with Chinese software contain backdoors targeting English speakers. The backdoor was uncovered by the Malwarebytes research team by analyzing a China-developed WiFi hotspot application. Distribution of Backdoor: These backdoors are being dropped by one of the major PUP bundler networks and then the bundler runs the installation hidden […]

Big Surprise: Chinese PUPs Deliver Backdoored Drivers

A driver secretly installed via PUP packages for Chinese software contains backdoors enabling a third party to load unsigned drivers or to execute code with higher privileges on a Windows machine. The backdoor was discovered by Malwarebytes researchers as part of various bundled software packages pushed by at least two major PUP bundler networks. The PUP installer […]

Ransomware operators are hiding malware deeper in installer packages

We are seeing a wave of new NSIS installers used in ransomware campaigns. These new installers pack significant updates, indicating a collective move by attackers to once again dodge AV detection by changing the way they package malicious code. These changes are observed in installers that drop ransomware like Cerber, Locky, and others. Cybercriminals have […]

MajikPOS Dual malware targeting businesses across North America and Canada

A new PoS malware family has made its presence known, targeting business systems around North America and Canada. The objective of PoS malware is to take information related to monetary exchanges, including credit card information. Trend Micro detected MajikPOS Dual malware, which uses a combination of PoS malware and a remote access Trojan (RAT) to attack its targets. MajikPOS […]

New MajikPOS Malware targets users across North America and Canada

Trend Micro has discovered a new PoS malware, tracked as MajikPOS, that is targeting businesses in North America and Canada. Security experts at Trend Micro have discovered a new PoS malware, tracked as MajikPOS, that is targeting businesses in North America. The experts explained that MajikPOS has the same capabilities as any other PoS malware, […]

Revenge Ransomware, a CryptoMix Variant, Being Distributed by RIG Exploit Kit

A new CryptoMix, or CryptFile2, variant called Revenge has been discovered by Broad Analysis that is being distributed via the RIG exploit kit. This variant contains many similarities to its predecessor CryptoShield, which is another CryptoMix variant, but includes some minor changes that are described below. As a note, in this article I will be referring to this […]

PetrWrap: the new Petya-based ransomware used in targeted attacks

Previously unknown ransomware technique. This year we found a new family of ransomware used in targeted attacks against organizations. After penetrating an organization’s network the threat actors used the PsExec tool to install ransomware on all endpoints and servers in the organization. The next interesting fact about this ransomware is that the threat actors decided […]

“Super Malware” Steals Encryption Keys From Intel SGX Isolated Memory Fields

A team of scientists from Graz University of Technology revealed a method for leaking encryption data from Intel SGX (Software Guard Extensions) enclaves, which are called isolated memory fields. Intel SGX is a set of new instructions from Intel that allows user-level code to allocate private regions of memory, called enclaves, that unlike […]

Hancitor Makes First Appearance in Top Five Most wanted malware – February 2017

Hancitor has climbed into the top five of the ‘most wanted’ malware families worldwide for the first time, as reported by the Check Point Threat Intelligence Research Team. Hancitor, also known as Chanitor, is typically sent as a macro-enabled Office document in phishing messages with “critical” messages, for example, phone messages, faxes or invoices. Mostly the main 10 malware families […]

Malware found preinstalled on 38 Android phones used by 2 companies

Malicious apps were surreptitiously added somewhere along the supply chain. A commercial malware scanner used by businesses has recently detected an outbreak of malware that came preinstalled on more than three dozen Android devices. An assortment of malware was found on 38 Android devices belonging to two unidentified companies. This is according to a blog […]

Mobile security: The reality of malware … augmented

Originally, it was expected that mobile devices would evolve to become handheld computers with capabilities similar to any desktop. It is clear today that our smartphones and tablets have evolved beyond this point, creating new means of technological interaction not previously imagined. Within the context of socio-technological revolution, the rise of virtual reality technology raises […]

New RanRan Ransomware Uses Encryption Tiers, Political Messages

Researchers from Palo Alto Networks have come across a new ransomware family that combines many unique features, such as political statements, public subdomain creation, and encryption tiers. Named RanRan, researchers spotted infections with this threat in only one country in the Middle East. Researchers were drawn to this threat by the political implications for each […]

Mobile Menace Monday: Facebook Lite infected with Spy FakePlay

A version of the popular mobile app Facebook has been found to be infected with what we detect as Android/Trojan.Spy.FakePlay. Facebook Lite is a more compact version of the popular app that uses less data and claims to work in all network conditions (i.e. where network conditions are poor). The infected Facebook Lite works as […]