Browsing category

Malware

Canadian Government Is Asking Citizens If They Want Encryption Backdoors

The Canadian government is asking citizens for their feedback on several privacy and cyber-security topics, as part of a public consultation period for upcoming changes to Canada’s national security framework. The online feedback page touches on a series of hot topics such as encryption backdoors, ISP data retention, basic subscriber information, and law enforcement interception […]

Stegano exploit kit poisoning pixels

Visiting popular websites and getting infected without any interaction? ESET explains how the stealthy Stegano exploit kit, hiding in the pixels of malicious ads, is capable of performing this dirty job.

Android Malware Uses TeamViewer Mobile App to Take Control of Remote Devices

Crooks are spreading Android malware disguised as a one-time password (OTP) generator app for banking apps that steals the user’s banking credentials and then installs the TeamViewer QuickSupport app to allow attackers to take over the victim’s phone. Researchers say this threat (ANDROIDOS_FAKEBANK.OPSA) is part of a two-year-old malware distribution campaign called Operation Emmental. This […]

Avalanche malware network hit with law enforcement takedown

Symantec plays part in takedown of the Avalanche malware-hosting network. The Avalanche malware-hosting network has been dealt a severe blow following the takedown of infrastructure used by at least 17 malware families. The takedown operation, which was a combined effort by multiple international law enforcement agencies, public prosecutors, and security and IT organizations including Symantec, […]

PluginPhantom: New Android Trojan Abuses “DroidPlugin” Framework

Recently, we discovered a new Google Android Trojan named “PluginPhantom”, which steals many types of user information, including files, location data, contacts and Wi-Fi information. It also takes pictures, captures screenshots, records audio, and intercepts and sends SMS messages. In addition, it can log keyboard input via the Android accessibility service, acting as a keylogger. […]

New Proteus Malware Can Mine for Crypto-Currency, Log Keystrokes, and More

A new multi-functional malware family detected as Proteus can transform the computers of infected users into proxy servers, mine for various types of crypto-currencies, log keystrokes, and check the validity of stolen online accounts. Detected by security researchers from Fortinet, this new malware family is written in .NET and current evidence reveals that […]

Hackers Are Using MailChimp to Spread Malware

You probably know MailChimp either as an email newsletter service, or the company that seems to have adverts on every single podcast you’ve ever listened to. Hackers recently jumped on that popularity, and managed to send out emails containing malicious links to subscribers of various different companies. The incident shows that hackers will likely use […]

Watch out, Locky ransomware spread via SVG images on Facebook Messenger

Researchers have discovered a new hacking campaign leveraging Facebook Messenger to spread the Locky ransomware via SVG images. The Locky ransomware is spread via a downloader; experts noticed that it is able to bypass Facebook defense measures by pretending to be a harmless image file. The campaign was first spotted during the weekend by the malware […]

RIG-E Exploit Kit now distributing New CHIP Ransomware

Brad Duncan, a security researcher for Rackspace, is well known for monitoring exploit kit activity and the payloads that are being distributed by them. In an article posted yesterday, Brad shows how the RIG-E (Empire) exploit kit has started to distribute a new ransomware called CHIP. When a visitor browses to a site compromised with […]

Crypton Ransomware Is Here and It’s “Not So Bad”

Security researcher MalwareHunterTeam has discovered a new ransomware family that its creators have named Crypton. After a flood of poorly coded .NET-based ransomware families have invaded VirusTotal, Crypton is a little bit more complex. “It’s a ‘good’ one,” MalwareHunterTeam told Bleeping Computer on Twitter. “At least compared to the latest .NET ones, this is not […]

Android banking malware whitelists itself to stay connected with attackers

New Android.Fakebank.B variants use social engineering to bypass a battery-saving process and stay active in the background. Recent variants of Android.Fakebank.B have been updated to work around the battery-saving process Doze. The variants display a pop-up message asking the user to add the threat to the Battery Optimizations exceptions whitelist. If this technique works, then […]

Chinese company installed secret backdoor on hundreds of thousands of phones

In “mistake,” AdUps collected data from BLU Android phones in US. Security firm Kryptowire has uncovered a backdoor in the firmware installed on low-cost Android phones, including phones from BLU Products sold online through Amazon and Best Buy. The backdoor software, initially discovered on the BLU R1 HD, sent massive amounts of personal data about the […]

Researcher finds the Karma Ransomware being distributed via Pay-per-Install Network

A security researcher named slipstream/RoL has discovered the Karma Ransomware, which pretends to be a Windows optimization program called Windows-TuneUp. What is worse is that this sample was discovered as software that would potentially be distributed by a pay-per-install software monetization company when people install free software downloaded from the Internet. I have been railing against adware […]

Master Decryption Keys and Decryptor for the Crysis Ransomware Released

In a surprise move, the master decryption keys for the CrySiS Ransomware were released early this morning in a post on the BleepingComputer.com forums. At approximately 1 AM EST, a member named crss7777 created a post in the CrySiS support topic at BleepingComputer with a Pastebin link to a C header file containing the actual master decryption keys and information […]

Locky ransomware campaign exploits fears of data stolen in OPM hack

Emails tell victims they need to download an attachment to view “suspicious activity” – then infect them with ransomware. In the immediate aftermath of a major data breach, cybercriminals will often look to take advantage of the situation by sending phishing emails warning people their credentials aren’t safe and that they must log in through a […]

Sednit: A very digested read

This feature offers a very digested read of ESET’s trilogy of research papers on Sednit, one of the most notorious groups of cyberattackers in the world.

AVG Wants Your Home Router to Fight Internet of Things Malware

The internet of things is totally broken. Amateur hackers have managed to build huge botnets of compromised devices, and many of these machines are difficult or near-impossible for manufacturers to remotely keep up to date. But there’s another way to keep internet of things hackers at bay: by making your router, which typically handles all […]