The Skygofree spyware analyzed by Kaspersky today was first spotted by the researcher Lukas Stefanko and the first analysis was published last year by the CSE Cybsec ZLab. Security researchers at Kaspersky Lab have made the headlines because they have spotted a new strain of a powerful Android spyware, dubbed Skygofree, that was used to gain full control […]
A new variant of the infamous disk-wiper malware KillDisk has been spotted by malware researchers at Trend Micro while targeting financial organizations in Latin America. A new variant of the infamous disk-wiper malware KillDisk has been spotted by malware researchers at Trend Micro. This variant of KillDisk, tracked as TROJ_KILLDISK.IUB, was involved in cyber attacks against financial […]
Researcher @unixfreaxjp spotted the first time ever in the history of computer engineering a Linux malware designed to infect ARC CPU, this new Linux ELF malware was dubbed MIRAI OKIRU. In August 2016 the researcher @unixfreaxjp from @MalwareMustDie team first spotted the dreaded Mirai botnet, now the same researcher is announcing a new big earthquake in the malware […]
VirusTotal announced the availability of a visualization tool, dubbed VirusTotal Graph, designed to help with malware analysis. The VirusTotal Graph should allow investigators working with multiple reports at the same time, to try to pivot between multiple data points (files, URLs, domains and IP addresses). The observation of the connections across different samples of malware could allow investigators to collect more […]
Malware researchers at Talos group have discovered a strain of Zeus banking Trojan that abuses the legitimate website of the Ukraine-based accounting software developer Crystal Finance Millennium (CFM). The experts discovered that the version of the ZeuS banking Trojan used in this attack is the 2.0.8.9 that was leaked in 2011. The attack occurred in August […]
Security experts at F5 discovered a new Linux Monero crypto-miner botnet dubbed PyCryptoMiner spreading over the SSH protocol. F5 researchers discovered a new Linux crypto-miner botnet dubbed PyCryptoMiner spreading over the SSH protocol. The Monero miner botnet is based on the Python scripting language, it leverages Pastebin as command and control server infrastructure when the original C&C isn’t available. If all C&C servers […]
The Necurs botnet made the headlines at year-end sending out tens of millions of spam emails daily as part of massive ransomware campaigns. Necurs was not active for a long period at the beginning of 2017 and resumed it activity in April. The Necurs botnet was used in the past months to push many other malware, including Locky, Jaff, GlobeImposter, Dridex , […]
A hacker belonging to the Lurk cybercrime gang admits the creation of WannaCry ransomware and DNC hack on request of intelligence agencies. In an interview to Dozhd TV channel, one of the members of the Lurk crime group arrested in the Russian city of Ekaterinburg, Konstantin Kozlovsky, told that he was one of the authors of the dreaded WannaCry ransomware and that […]
The Italia cyber security expert Marco Ramilli, founder of Yoroi, published an interesting analysis of a quite new InfoStealer Malware delivered by eMail to many International Companies. Attack attribution is always a very hard work. False Flags, Code Reuse and Spaghetti Code makes impossible to assert “This attack belongs to X”. Indeed nowadays makes more sense talking about Attribution […]
The cybersecurity expert Willem de Groot reported cyber attacks against Magento websites running the popular helpdesk extension ‘Mirasvit Helpdesk.’ de Groot observed attackers sending a message like this to Magento merchants: Hey, I strongly recommend you to make a redesign! Please contact me if you need a good designer! – [email protected] The message contains a specially crafted sender that […]