Malware

Pierluigi Paganini August 25, 2016
Linux.PNScan Trojan is back to compromise routers and install backdoors

The Linux Trojan Linux.PNScan is back and it is actively targeting routers based on x86 Linux in an attempt to install backdoors on them. Yesterday I wrote about a new Linux Trojan dubbed Linux.Rex.1, a new Linux malware that is capable of self-spreading and creating a peer-to-peer botnet, now experts from Malware Must Die discovered a new strain […]

Pierluigi Paganini August 23, 2016
Linux.Rex.1, a new Linux Trojan the creates a P2P Botnet

Security researchers discovered a new Linux Trojan dubbed Linux.Rex.1 that is capable of self-spreading and create a peer-to-peer botnet. A newly observed Linux Trojan is capable of self-spreading through infected websites and can recruit the infected machines into a peer-to-peer (P2P) botnet, Doctor Web researchers warn. Security researchers from the firm Dr. Web have discovered […]

Pierluigi Paganini August 23, 2016
New Gozi Campaigns Target Global Brands with sophisticated features

Researchers from Buguroo discovered new Gozi campaigns using new techniques that targeted many banks and financial services worldwide. The Gozi malware was first spotted in 2007, its source code has been leaked twice in the criminal underground allowing the creation of new sophisticated version. Recently security experts from the IBM X-Force Research spotted a new threat dubbed GozNym […]

Pierluigi Paganini August 20, 2016
A new Brazilian banking Trojan leverages on PowerShell

According to Kaspersky experts Brazilian crooks have made an important addition to their malware leveraging on the PowerShell. Security experts from Kaspersky Lab have discovered a sophisticated banking trojan targeting Brazilian users. The threat, codenamed Trojan-Proxy.PowerShell.Agent.a, leverages on the Microsoft’s PowerShell utility. It is considered one of the most complex Brazilian malware samples discovered since […]

Pierluigi Paganini August 19, 2016
Emails among dumps published by Wikileaks includes 300+ malware

A malware researcher has analyzed the attachments of in the WikiLeaks email dumps and discovered more than 300 pieces of malware. WikiLeaks has published more than 300 pieces of malicious code among its caches of dumped emails. Dr Vesselin Bontchev (@bontchev), a top Bulgarian malware researcher, has analyzed documents published by the organization and detected […]

Pierluigi Paganini August 19, 2016
A new LOCKY ransomware campaign targets the healthcare

Malware researchers at FireEye security firm have spotted a new Locky ransomware campaign mainly  targeting the healthcare sector. Security experts from FireEye have spotted a Locky ransomware campaign mainly targeting the healthcare sector, Telecom and Transportation industries. Attackers launched  a massive phishing campaign to deliver the threat. The campaign bit organizations worldwide, mostly in the US, […]

Pierluigi Paganini August 19, 2016
Iran investigates possible cyber attacks behind a string Oil Industry incidents

Iran ’s cyberspace security authorities are investigating a string of fires in the country oil and gas facilities. Incidents or cyber sabotage? Once again, something of strange is happening in Iran, the Government of Teheran is investigating a recent string of incidents occurred in critical infrastructure in the country. The Iran’s Supreme National Cyberspace Council […]

Pierluigi Paganini August 18, 2016
Crooks abused Google AdSense network to deliver malware on Android Devices

Security experts from Kaspersky spotted a malware-based campaign that abused the Google Adsense Advertising network to spread a malicious code. Mobile malware is becoming an even more insidious threat, security experts are observing a rapid diffusion of spyware that is able to steal sensitive data from victim’s mobile devices. Very common are also malware that impersonates […]

Pierluigi Paganini August 17, 2016
Vawtrak banking Trojan improved once again, now with SSL Pinning

Security experts from Fidelis firm spotted a new version of the Vawtrak banking Trojan that includes significant improvements such as the SSL pinning. Malware researchers from security firm Fidelis have spotted a new strain of the infamous Vawtrak banking Trojan that leverages on a DGA mechanism to generates .ru domains with a pseudorandom number generator (PRNG) […]

Pierluigi Paganini August 14, 2016
Hitler ransomware just deletes files instead encrypt them

Security experts detected and analyzed a new threat, the Hitler ransomware, that doesn’t encrypt files but simply deletes them. Ransomware is one of the most dreaded threats for Internet users and a profitable business for crooks. In the last months, we have seen a number of malware belonging to this category, one of the most recent is […]