Malware

Pierluigi Paganini April 01, 2016
The dangerous interaction between Russian and Brazilian cyber criminal underground

Kaspersky has analyzed the interaction between the Russian and Brazilian criminal underground communities, revealing a dangerous interaction. In the past weeks, we have analyzed the evolution of cyber criminal communities worldwide, focusing on illicit activities in the Deep Web. To simplify the approach we have considered the principal cyber criminal communities (Russia, Brazil, North America, Japan, China, Germany) as separate entities; instead, these ecosystems interact […]

Pierluigi Paganini March 31, 2016
The Linux Remaiten malware is building a Botnet of IoT devices

Experts from the ESET firm have spotted a new threat in the wild dubbed Remaiten that targets embedded systems to recruit them into a botnet. ESET is actively monitoring malicious code that targets IoT systems such as routers, gateways and wireless access points, rather than computers or smartphones. Security researchers from ESET have discovered a new threat dubbed KTN-RM or Remaiten that targets Internet […]

Pierluigi Paganini March 31, 2016
The KimcilWare Ransomware targets Magento Platforms

Security experts from the MalwareHunterTeam have discovered KimcilWare ransomware, a malware specifically designed to target Magento e-commerce platforms. Security experts from the MalwareHunterTeam have spotted a new strain of ransomware, called KimcilWare, specifically designed to target Web servers, and more specifically Magento e-commerce platforms. “A new ransomware called KimcilWare has been discovered that appears to be targeting […]

Pierluigi Paganini March 30, 2016
TreasureHunt PoS Malware targets small retailers and banks

Security experts at FireEye have spotted the activity of a criminal organization that is using the custom PoS malware TreasureHunt to target small retailers. Security experts at FireEye have spotted the activity of a criminal organization that is using a custom PoS malware family to target retailers. Hackers are using the PoS malware dubbed TreasureHunt or TreasureHunter to steal payment card data and sells […]

Pierluigi Paganini March 29, 2016
Bitdefender Vaccine now supports also CTB-Locker, Locky, TeslaCrypt

Prevention is better than the cure: users can immunize their PC against CTB-Locker, Locky and TeslaCrypt using the Bitdefender Anti-ransomware vaccine. Security experts from the Romanian security vendor Bitdefender have updated their anti-ransomware vaccine in order to protect machines from the latest versions of the CTB-Locker, Locky and TeslaCrypt ransomware. According to data recently published by […]

Pierluigi Paganini March 29, 2016
USB Thief, the new USB-based data stealing Trojan

USB Thief is the new USB-based data-stealing Trojan discovered by ESET that relies on USB devices in order to spread itself and also infect air-gapped systems. Security researchers at ESET have discovered a new insidious data-stealer, dubbed USB Thief (Win32/PSW.Stealer.NAI), that relies on USB devices in order to spread itself. USB Thief is able to infect […]

Pierluigi Paganini March 28, 2016
PowerWare ransomware, a new fileless threat in the wild

Experts at Carbon Black spotted in the wild a new threat dubbed PowerWare ransomware that exploits PowerShell, the native Windows framework. Authors of ransomware are implementing new features to make their malware even more dangerous and effective. Yesterday I wrote about the new Petya ransomware, which overwrites the MBR causing a blue screen of death, now I […]

Pierluigi Paganini March 27, 2016
PETYA ransomware overwrites MBR causing a blue screen of death

The Petya ransomware causes a blue screen of death (BSoD) by overwriting the MBR and leaves a ransom note at system startup. Ransomware is one of the most dangerous threats of this first part of the year; recently experts at TrendMicro have spotted a new malicious code dubbed Petya (RANSOM_PETYA.A) that overwrites the MBR to lock users out […]

Pierluigi Paganini March 25, 2016
EC Council Website Hacked and used to serve malicious code

Researchers at Fox-IT warn that the website of security certification provider EC Council has been compromised to host the malicious Angler Exploit Kit. No one is secure, we are all potential targets, even if you are a skilled expert, and the fact that I’m going to tell you demonstrates it. The website of security certification provider […]

Pierluigi Paganini March 23, 2016
The FBI is investigating ransomware-based attack at Methodist Hospital

The FBI is investigating a cyber-attack at Methodist Hospital in Henderson; once again ransomware has hit a critical infrastructure. Ransomware is one of the most dangerous cyber threats for businesses and government organizations, and the number of infections worldwide is constantly increasing. Recently I reported the discovery in the wild of a new variant of TeslaCrypt, […]