Browsing tag

Windows malware

Thousands Of Windows PCs Affected By Rare Node.js-Based Malware

Microsoft has confirmed that a Node.js-based malware dubbed Nodersok has affected thousands of Windows PCs over several weeks. This new strain of malware performs click-fraud by installing a copy of the Node.js framework and transforms systems into proxies. The malware was first spotted by the Microsoft Defender ATP Research team back in mid-July. According to Microsoft’s […]

Microsoft Spotted New Fileless Malware “Astaroth” That Abuses Legitimate Tools To Hack Your Windows

A widespread fileless malware campaign called Astaroth has been spotted using the “living off the land” method to attack Windows users, with an advanced persistent technique to evade detection. Microsoft uncovered this fileless malware using an anomaly detection algorithm and the observation of a sudden spike in the use of the Windows Management Instrumentation Command-line (WMIC) tool to run the […]

Fileless Trojan “Astaroth” That Steals Credentials Is Back, Warns Microsoft

In a recent blog post, the Microsoft Defender ATP research team issued a warning about a harmful fileless malware campaign called Astaroth. The team was alerted when they noticed a sudden huge spike in the usage of the WMIC (Windows Management Instrumentation Command-Line) tool during the months of May and June 2019. They had deployed […]

Hackers Launching Unique Windows and MacOS Malware via Fake WhatsApp Official Website

Researchers discovered new malware that infects MacOS via a malicious website disguised as the official WhatsApp website, which also drops malware for the Windows operating system. Attackers are targeting both the Windows and MacOS operating systems to inject a backdoor that helps execute malicious code from a remote server. The backdoor, named Mac.BackDoor.Siggen.20, gets on […]

Windows Malware ‘Aggah’ Infects Your PCs Through Microsoft Word Docs

The latest in a series of online attacks is ‘Aggah’, a global malware campaign with roots in the Middle East. The Windows malware comprises a commodity Trojan script being spread via an infected Microsoft Word document. The perpetrators are tricking users into downloading and activating the malicious code using RevengeRAT. Since RevengeRAT is comprised of […]

Google Removed 145 Malicious Apps from Google Play Store that Carry Windows Malware

Google removed around 145 apps from the Google Play store that were infected by Windows malware, which is developed to infect not the Android platform but Windows OS devices. The removed APK files were infected while developers were creating these apps on compromised Windows platforms, where attackers infected the applications with a Windows-based keylogger. These types of […]

Lame Google Play apps that attack users with Windows malware is still a thing

Researchers find 150 Ramnit-infected apps a year after a similar batch was discovered. Last year, researchers discovered 132 Android apps in the Google Play market that lamely attempted to infect users with… Windows malware. On Wednesday, researchers with a different security company reported finding 150 more. The latest batch of apps, like the ones 12 months ago, were […]

CIA Developed Windows Malware That Alters Boot Sector to Load More Malware

WikiLeaks published today documentation on the CIA Angelfire project, a malware framework developed to infect Windows computers. According to a leaked CIA manual, Angelfire is made up of five components, each with its own purpose: ↦ Solartime – Malware that modifies the boot sector to load Wolfcreek. ↦ Wolfcreek – Self-loading driver that can load other drivers and user-mode applications. […]

Posing as ransomware, Windows malware just deletes victim’s files

Tagged as “Ranscam”, PowerShell and script-based malware is a botched smash-and-grab. There has been a lot of ingenuity poured into creating crypto-ransomware, the money-making malware that has become the scourge of hospitals, businesses, and home users over the past year. But none of that ingenuity applies to Ranscam, a new ransom malware reported by Cisco’s Talos […]