Malware

Pierluigi Paganini January 20, 2017
Satan, the ransomware-as-a-service surfaced in the dark web

The independent malware research @Xylit0l discovered the Satan ransomware, a malware belonging to the Gen:Trojan.Heur2.FU family. Yesterday the independent malware research @Xylit0l discovered the Satan ransomware, a malware belonging to the Gen:Trojan.Heur2.FU family. Satan is provided as a RaaS (Ransomware-as-a-Service). New #RaaS https://t.co/wbqn2GOuvo pic.twitter.com/skTTNCDbod — Xylitol (@Xylit0l) January 18, 2017 The Satan ransomware used RSA-2048 […]

Pierluigi Paganini January 19, 2017
Quimitchin, a Mac backdoor that includes antiquated code

Researchers at Malwarebytes have discovered the first Mac malware of 2017, dubbed Quimitchin, that was used against  biomedical research institutions. Security experts have spotted the first Mac malware of 2017, dubbed Quimitchin,  and it is considered a malicious code not particularly sophisticated and includes some antiquated code. According to the researchers from Malwarebytes, the code has […]

Pierluigi Paganini January 18, 2017
US cancer agency targeted by a singular ransomware attack

A new ransomware campaign has targeted the not-for-profit cancer services organisation “Little Red Door” requesting a US$44,000 ransom. A new ransomware campaign has targeted a not-for-profit cancer services organisation, the Little Red Door. The organization provides a number of cancer support services, including diagnostics and treatment. The system at the agency was infected by a ransomware last Wednesday, […]

Pierluigi Paganini January 16, 2017
New campaign leverages RIG Exploit kit to deliver the Cerber Ransomware

Experts from Heimdal Security warned of a spike in cyber attacks leveraging the popular RIG Exploit kit to deliver the Cerber Ransomware. The RIG exploit kit is even more popular in the criminal ecosystem, a few days ago security experts at Heimdal Security warned of a spike in cyber attacks leveraging the popular Neutrino and […]

Pierluigi Paganini January 13, 2017
Two observations about the Italian EyePyramid espionage campaign

Let’s try to analyze some facts about the Italian EyePyramid espionage campaign. Prof. Corrado Aaron Visaggio helped us in this difficult task. The Italian EyePyramid espionage campaign raised to me two simple questions: (i) Are the criminals geniuses or dummies? (ii) How can an old, known, easy-to-detect malware infect so many machines belonging to different […]

Pierluigi Paganini January 12, 2017
EyePyramid – Police arrests two for hacking into emails of politicians, lawyers, entrepreneurs, and masons

Two Italian siblings have been arrested by Italian Police and they were charged with a long-running cyber espionage campaign. This is a very intriguing story, two Italian siblings Giulio and Francesca Maria Occhionero gave been arrested by Italian Police and they were charged with a long-running cyber espionage campaign that targeted Italian politicians, lawyers, entrepreneurs, and masons. The […]

Pierluigi Paganini January 12, 2017
Spora Ransomware allows victims to pay for immunity from future attacks

 Security experts from Emsisoft spotted a new strain of malware, the Spora ransomware, that allows potential victims to pay for immunity from future attacks. Security experts from Emsisoft spotted a new strain of ransomware dubbed Spora that implements a singular extortion mechanism, it allows potential victims to pay for immunity from future attacks. According to the experts, […]

Pierluigi Paganini January 10, 2017
A Second variant of Shamoon 2 targets virtualization products

A second variant of the Shamoon 2 malware was discovered by researchers at Palo Alto Networks, this threat also targets virtualization products. A new strain of the Shamoon 2 malware was spotted by the security experts at Palo Alto Networks, this variant targets virtualization products. Shamoon, also known as Disttrack, was first spotted in a wave of attacks that targeted […]

Pierluigi Paganini January 10, 2017
The Los Angeles Community College District paid a $28,000 ransom to decrypt its files

The Los Angeles Community College District has paid a US$28,000 ransomware after crooks compromised its network. Fortunately, the school retrieved data. A Los Angeles school has paid a US$28,000 ransomware after crooks compromised its network. Cyber criminals encrypted computer services, including email systems, at the Los Angeles Community College District. The ransomware used in the attack encrypted […]

Pierluigi Paganini January 10, 2017
CVE-2016-7200 & CVE-2016-7201 Edge flaws added to the Sundown Exploit Kit

The operators behind the Sundown exploit kit have started using two Microsoft Edge flaws just a few days after researchers published a PoC exploit. The Sundown exploit kit is becoming one of the most popular crimeware kits in the hacking underground. The last time we saw it was at the end of 2016 when malware researchers spotted a […]