Malware Archives - Page 336 of 490

Pierluigi Paganini April 20, 2018

At least 20 Million Chrome users have installed malicious Ad Blockers from Chrome store

A security researcher has discovered five malicious Ad Blockers extensions in the Google Chrome Store that had been installed by at least by 20 million users. The security researcher Andrey Meshkov, co-founder of Adguard, has discovered five malicious Ad Blockers extensions in the Google Chrome Store that had been installed by at least by 20 […]

Pierluigi Paganini April 18, 2018

ZLAB MALWARE ANALYSIS REPORT: RANSOMWARE-AS-A-SERVICE PLATFORMS

Security experts at CSE CybSec ZLab malware Lab have conducted an interesting analysis of the principal Ransomware-as-a-Service platforms available on the dark web. Over the years, the diffusion of darknets has created new illegal business models. Along with classic illegal goods such as drugs and payment card data, other services appeared in the criminal underground, […]

Pierluigi Paganini April 17, 2018

Roaming Mantis Malware Campaign Leverages Hacked Routers to Infect Android Users With Banking Trojan

According to experts at Kaspersky, the Roaming Mantis malware is designed for distribution through a simple, but very efficient trick based on DNS hijacking. According to experts at Kaspersky, the Roaming Mantis malware is designed for distribution through a simple, but very efficient trick based on DNS hijacking. Imagine a nefarious person swapped out your […]

Pierluigi Paganini April 16, 2018

Massive Ransomware attack cost City of Atlanta $2.7 million

According to Channel 2 Action News that investigated the incident, the ransomware attack on the City of Atlanta cost it at least $2.7 million. In the last weeks, I wrote about a massive ransomware attack against computer systems in the City of Atlanta. The ransomware infection has caused the interruption of several city’s online services, including “various internal […]

Pierluigi Paganini April 14, 2018

Malware researcher have dismantled the EITest Network composed of 52,000

Malware researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the control infrastructure behind EITest campaign and shut down it. Malware researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the control infrastructure behind EITest campaign that leveraged on a network of hacked servers exploited by crooks to distribute traffic (TDS). The network was used to redirect users to compromised domains hosting exploit kits, delivering […]

Pierluigi Paganini April 13, 2018

When the Russian Malware coder Gatsoev is praised by the Russian head of Information Department of the Ministry of Education and Science of North Ossetia

When the Russian young Malware coder is praised by the Russian head of Information Department of the Ministry of Education and Science of North Ossetia. Under the spotlight: the story of Atsamaz Gatsoev (aka “1ms0rry”) who has set up his illegal business. A new write-up made by a security researcher known as Benkow (@Benkow_) has been […]

Pierluigi Paganini April 12, 2018

APT33 devised a code injection technique dubbed Early Bird to evade detection by anti-malware tools

The Iran-linked APT33 group continues to be very active, security researchers at Cyberbit have discovered an Early Bird code injection technique used by the group. The Early Bird method was used to inject the TurnedUp malware into the infected systems evading security solutions. The technique allows injecting a malicious code into a legitimate process, it allows execution […]

Pierluigi Paganini April 10, 2018

Booby-trapped Office docs build with ThreadKit trigger CVE-2018-4878 flaw

Microsoft Office documents created with the exploit builder kit dubbed ThreadKit now include the code for CVE-2018-4878 flaw exploitation. At the end of March, security experts at Proofpoint discovered a Microsoft Office document exploit builder kit dubbed ThreadKit that has been used to spread a variety of malware, including banking Trojans and RATs (i.e. Trickbot, Chthonic, FormBook and Loki Bot). […]

Pierluigi Paganini April 09, 2018

Crooks distribute malware masquerade as fake software updates and use NetSupport RAT

Researchers at FireEye have spotted a hacking campaign leveraging compromised websites to spread fake updates for popular software that were also used to deliver the NetSupport Manager RAT. NetSupport is an off-the-shelf RAT that could be used by system admins for remote administration of computers. In the past, crooks abuse this legitimate application to deploy malware on victim’s […]

Pierluigi Paganini April 08, 2018

Experts spotted a campaign spreading a new Agent Tesla Spyware variant

A new variant of the infamous Agent Tesla spyware was spotted by experts at Fortinet, the malware has been spreading via weaponize Microsoft Word documents. Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. To do this, the spyware […]

Malware

At least 20 Million Chrome users have installed malicious Ad Blockers from Chrome store

ZLAB MALWARE ANALYSIS REPORT: RANSOMWARE-AS-A-SERVICE PLATFORMS

Roaming Mantis Malware Campaign Leverages Hacked Routers to Infect Android Users With Banking Trojan

Massive Ransomware attack cost City of Atlanta $2.7 million

Malware researcher have dismantled the EITest Network composed of 52,000

When the Russian Malware coder Gatsoev is praised by the Russian head of Information Department of the Ministry of Education and Science of North Ossetia

APT33 devised a code injection technique dubbed Early Bird to evade detection by anti-malware tools

Booby-trapped Office docs build with ThreadKit trigger CVE-2018-4878 flaw

Crooks distribute malware masquerade as fake software updates and use NetSupport RAT

Experts spotted a campaign spreading a new Agent Tesla Spyware variant

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Taiwan flags security risks in popular Chinese apps after official probe

U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

Hunters International ransomware gang shuts down and offers free decryption keys to all victims

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 52

Security Affairs newsletter Round 531 by Pierluigi Paganini – INTERNATIONAL EDITION

QUICK LINKS

Malware

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!