Malware

Pierluigi Paganini August 01, 2018
SamSam Ransomware operators earned more than US$5.9 Million since late 2015

The security experts from Sophos have published a report on the multimillion-dollar black market business for crooks, they analyzed the SamSam ransomware case as a case study. The researchers that have tracked Bitcoin addresses managed by the crime gang discovered that crooks behind the SamSam ransomware had extorted nearly $6 million from the victims since December […]

Pierluigi Paganini July 31, 2018
Ransomware attack against COSCO spread beyond its US network to Americas

New revelations on the attack against COSCO confirm it was worse than initially thought, the ransomware spread beyond the US network. Chinese shipping giant COSCO recently suffered a ransomware attack that disrupted some systems of the company in the United States. The shipping company quickly isolates the systems to avoid propagation to other regions and started […]

Pierluigi Paganini July 31, 2018
A new sophisticated version of the AZORult Spyware appeared in the wild

A new sophisticated version of the AZORult Spyware was spotted in the wild, it was involved in a large email campaign on July 18 Malware researchers at Proofpoint spotted a new version of the AZORult Spyware in the wild, it was involved in a large email campaign on July 18, just 24 hours it appeared […]

Pierluigi Paganini July 31, 2018
Fileless PowerGhost cryptocurrency miner leverages EternalBlue exploit to spread

Security experts from Kaspersky Lab have spotted a new cryptocurrency miner dubbed PowerGhost that can spread leveraging a fileless infection technique. The PowerGhost miner targets large corporate networks, infecting both workstations and servers, it employing multiple fileless techniques to evade detection. “The malware, which we dubbed PowerGhost, is capable of stealthily establishing itself in a system and spreading […]

Pierluigi Paganini July 30, 2018
FELIXROOT Backdoor is back in a new fresh spam campaign

Security experts from FireEye have spotted a new spam campaign leveraging the FELIXROOT backdoor, a malware used for cyber espionage operation. The FELIXROOT backdoor was first spotted by FireEye in September 2017, when attackers used it in attacks targeting Ukrainians. The new spam campaign used weaponized documents claiming to provide information on a seminar on environmental protection efforts. […]

Pierluigi Paganini July 29, 2018
Mysterious snail mail from China sent to US agencies includes Malware-Laden CD

Several U.S. state and local government agencies have reported receiving suspicious letters via snail mail containing malware-laden CD Crooks and cyberspies attempt to exploit any attack vector to compromise the targeted computers and the case we are going to discuss demonstrate it. The popular security expert Brian Krebs reported that several U.S. state and local […]

Pierluigi Paganini July 29, 2018
Underminer Exploit Kit spreading Bootkits and cryptocurrency miners

New Underminer exploit kit delivers a bootkit that infects the system’s boot sectors as well as a cryptocurrency miner dubbed Hidden Mellifera. Malware researchers from Trend Micro have spotted a new exploit kit, tracked as Underminer exploit kit, delivering a bootkit that infects the system’s boot sectors as well as a cryptocurrency miner dubbed Hidden Mellifera. “We […]

Pierluigi Paganini July 28, 2018
Microsoft revealed details of a supply chain attack at unnamed Maker of PDF Editor

Microsoft revealed that hackers attempted to compromise the supply chain of an unnamed maker of PDF software. The attackers compromised a font package installed by a PDF editor app and used it to spread a crypto-mining malware on victims’ machines. The attack was discovered by the experts from Microsoft that received alerts via the Windows […]

Pierluigi Paganini July 27, 2018
Parasite HTTP RAT implements a broad range of protections and evasion mechanisms

Researchers from Proofpoint have discovered a new remote access Trojan (RAT) named Parasite HTTP that implements a broad range of evasion techniques. The Parasite HTTP RAT has a modular architecture that allows authors to easily add new features. The malware includes sandbox detection, anti-debugging, anti-emulation, and other defense mechanisms. “Proofpoint researchers recently discovered a new remote […]

Pierluigi Paganini July 27, 2018
Dutch brothers sentenced to community service for involvement in CoinVault ransomware distribution

On Thursday, two Dutch brothers were sentenced to 240 hours of community service for creating and using the CoinVault ransomware. In 2015, Melvin (25) and Dennis van den B. (21), were arrested from a district court in Rotterdam for their alleged involvement in CoinVault ransomware creation and distribution. On Thursday, the Dutch men were sentenced to 240 hours […]