Malware

Pierluigi Paganini August 13, 2016
Scylex malware Kit offered for sale in the criminal underground

Experts from Heimdal security firm discovered a new crimeware kit, the Scylex malware kit, that aims to provide Zeus-grade Capabilities. Security experts from the Heimdal security firm have discovered a new DIY financial crime kit offered for sale on a notorious malicious hacker forum on the dark web called Lampeduza. The new crime kit, dubbed Scylex malware kit, […]

Pierluigi Paganini August 10, 2016
Linux.Lady, a Go-based Linux Trojan that mines cryptocurrency

Russian antivirus company Doctor Web discovered a new Linux Trojan dubbed Linux.Lady that is used by crooks to mine cryptocurrency. According to a new report published by the antivirus company Doctor Web, a Go-Based Linux Trojan, Dubbed Linux.Lady.1, is exploited by cyber criminals for cryptocurrency mining. “Doctor Web analysts have detected and examined a new Linux Trojan which […]

Pierluigi Paganini August 08, 2016
ProjectSauron APT, aka Strider, found targeting firms in Russia, China

Experts spotted a previously unknown APT group dubbed Strider or ProjectSauron that carried out surgical cyber-espionage attacks against targets worldwide. A previously unknown hacking group variously dubbed ‘Strider’ or ‘ProjectSauron’ has been conducting a surgical cyber espionage campaign against targets in Russia, Belgium, China, Iran, Sweden, and Rwanda. According to experts from Symantec, the Strider crew […]

Pierluigi Paganini August 08, 2016
Garda forced to shut down its systems after a malware-based attack

The experts from the Irish Garda are investigating a malware-based attack that forced it to shut down its data systems. No system was breached. The Garda Síochána, the national police service of Ireland, was forced to shut down its data systems in response to a malware-based attack. The Ireland’s national police put in place the emergency […]

Pierluigi Paganini August 06, 2016
Cyberwar – The cyberspace is already a dangerous battlefield

The number of high-profile hacks demonstrates that a silent cyberwar is already ongoing among countries in the cyberspace. The recent hacks of the Democratic National Committee and presidential candidate Hillary Clinton’s campaign and the alleged infections spotted by the Russian FSB inside government networks demonstrate the intense activity in the cyberspace. It is a virtual […]

Pierluigi Paganini August 06, 2016
Kasidet PoS malware bypasses Account Control posing as Microsoft App

Experts from Dr Web discovered a new PoS malware dubbed Kasidet that can bypass User Account Control (UAC) by posing as a legitimate Microsoft application. A new strain of PoS malware is in the wild, experts from security firm Doctor Web  named it Trojan.Kasidet.1 and it is able to bypass defense mechanism such as the Microsoft […]

Pierluigi Paganini August 02, 2016
Afraidgate campaign switches from CryptXXX to Locky Ransomware

Operators behind the Afraidgate campaign continue to leverage on Neutrino EK, but switches from CryptXXX to Locky Ransomware. According to the experts from Palo Alto Networks, one of the most long-lived hacking campaigns leveraging on the Neutrino EK switches from CryptXXX to the Locky Ransomware. The campaign dubbed Afraidgate due to the name of the gate domains (using name servers from […]

Pierluigi Paganini August 01, 2016
PayPal accounts abused to distribute the Chthonic Banking Trojan

Experts from Proofpoint discovered that the Banking trojan Chthonic was distributed via ‘legitimate’ PayPal accounts by abusing the “money request” feature. The imagination of cyber criminals is a never-ending pit, according to the security firm Proofpoint, crooks are abusing PayPal to distribute the Chtonic banking trojan. Chtonic is a strain of the most notorious Zeus Trojan, the […]

Pierluigi Paganini July 31, 2016
The Great Spyware sale: SpyNote available for free use

Palo Alto Networks recently discovered a Remote Access Trojan dubbed SpyNote that is free available allowing anyone to launch attacks in the wild. I love when the sale happens in malls. People just rush and want to get good things for cheap prices. And who doesn’t love something free? The spyware and malware market is highly lucrative when […]

Pierluigi Paganini July 28, 2016
Locky Ransomware now relies on JavaScript instead downloaders 

A new ransomware campaign relies on a Locky variant that is distributed through JavaScript that includes the binary of the threat itself. Locky is one of the most infamous threats of the ransomware family and according to the experts it is in continuous evolution. The threat has been using JavaScript attachments as a distribution mechanism, but most […]