Almost half of industrial computers hit by malicious cyber activity in 2018


Kaspersky has released the results of an astonishing study that found that almost half of the world's Industrial Control System (ICS) computers were subjected to malicious cyber activity last year.
While malware and cyber attacks have been a problem for some time, there is particular concern about the rising numbers of ICS computers being affected. In the case of downtime for such systems, there is the risk of material losses and production downtime at industrial facilities.
Check to see if your computer was targeted by the ASUS ShadowHammer malware


Yesterday we reported about a warning from Kaspersky that the ASUS Live Update Utility had been hacked to deliver ShadowHammer backdoor malware. ASUS has now released a patch to secure systems, and Kaspersky has released a tool that you can use to check whether you have been affected by the malware.
It's important that ASUS users install the patch -- described as a "critical" update by the company -- to secure their systems, but it's also a good idea to use Kaspersky's utility to see whether your computer has been infected with ShadowHammer.
ASUS Live Update Utility hacked to deliver ShadowHammer backdoor malware to a million systems


Kaspersky Lab reports that the software update system used by ASUS was hijacked by hackers and used to deliver a backdoor-laden piece of malware to users. The company estimates that around a million users may have been affected by what it describes as "one of the biggest supply-chain incidents ever".
Back in January, the security firm discovered that a threat actor interfered with the ASUS Live Update Utility, adding a backdoor to it. Signed with an official ASUS certificate and carefully crafted to be precisely the same size as the official tool, the malware -- dubbed ShadowHammer -- went unnoticed for some time.
Analysis of Remote Access Trojans helps understand third-party business risk


Remote Access Trojans (RATs) are often used to steal information from enterprise networks. By looking at network metadata, analysts at threat intelligence firm Recorded Future have been able to identify RAT command-and-control (C2) servers, and more crucially, which corporate networks are communicating with those controllers.
This offers insight about third-party organizations that Recorded Future clients can use to get a better understanding of potential third-party risk to their own data.
Researchers find two Android malware campaigns with over 250 million downloads


Check Point Research has uncovered two massive mobile adware and data stealing campaigns, which have already had a combined total of over 250 million downloads globally.
Both target mobiles using Android, and exploit the mobile app development supply chain to infect devices and perform malicious actions.
Coinhive dominates malware charts before being shut down


Coinhive continued to hold the top spot in Check Point Research's February Global Threat Index, impacting 10 percent of organizations worldwide, even though its services were shut down on March 8th.
In February, the two most prevalent malware variants were cryptominers, followed by the Emotet banking Trojan. Coinhive has seen a downward trend in its global impact, from 18 percent of organizations in October 2018 to 12 percent in January 2019 and with a further two percent drop in February.
Banking Trojan attacks up by 16 percent in 2018


Attacks using banking Trojans are among the most popular with cybercriminals as they are focused directly on financial gain.
According to a new report from Kaspersky Lab, 889,452 users of Kaspersky Lab solutions were attacked by banking Trojans last year, an increase of 15.9 percent compared to 2017.
How a new approach to threat detection can help with the security skills shortage [Q&A]


There is an acknowledged shortage of security talent in the West, but at the same time a lack of opportunity in many developing nations such as South America and India is leading to fledgling talent utilising its expertise for nefarious acts rather than for legal activity.
But a new approach to threat detection and prevention could help address the skills shortage while giving cybersecurity talent in developing countries the chance to earn an honest wage. We spoke to Steve Bassi, CEO of PolySwarm, to find out more.
Russian doll malware spreads via Pirate Bay


Researchers at Kaspersky Lab have uncovered a new strain of malware spreading via The Pirate Bay torrent tracker site.
Named after the classic Russian doll, PirateMatryoshka aims to infect users' computers with adware and tools that spread further malware onto the device. It carries a Trojan-downloader disguised as a hacked version of legitimate software used in everyday PC activity.
Cryptominers still dominate the malware charts


The latest Global Threat Index from Check Point shows that at the end of last year cryptominers still took the top three places in the malware charts, despite an overall drop in value across all cryptocurrencies in 2018.
Coinhive retained its number one position for the 13th month in a row, impacting 12 percent of organizations worldwide. XMRig was the second most prevalent malware with a global reach of eight percent, closely followed by the JSEcoin miner in third with a global impact of seven percent.
NSA plans to release tool for reverse-engineering software


It feels like it has been a while since we've had any NSA-related news -- interest in mass surveillance has been overtaken by other concerns. After a series of Vault 7 leaks from WikiLeaks about the organization, the NSA is now planning to release its GHIDRA framework, designed to reverse-engineer malware and other software, later in the year.
The framework will be available for Windows, macOS and Linux, and it is set to be demonstrated and publicly released at the RSA Conference in March. While it might seem like a bad idea to release a tool that can be used to break down malware and see how it works -- and, therefore, create other similar attack tools -- the idea is actually to help increase security.
Major US newspapers hit by cyberattack, disrupting printing and distribution


A number of major US newspapers -- including the Los Angeles Times, Chicago Tribune, Wall Street Journal and New York Times -- have been hit by a cyberattack that is said to originate from another country.
Malware was first detected on Thursday by Tribune Publishing, the owner of some of the affected titles, but unsuccessful attempts at quarantining meant that there was disruption well into Saturday. The Department of Homeland Security is currently investigating the incident, which is not thought to have exposed any personal customer details.
IoT malware up over 200 percent in 2018


New malware targeting IoT devices grew 72 percent, with total malware growing 203 percent in the last four quarters according to McAfee's third quarter threat report.
This growth has been partly due to devices being harnessed for cryptomining. IoT devices such as cameras or video recorders have not typically been used for this because they lack the CPU power of desktop and laptop computers.
Latest malware tries to avoid detection and maintain persistence


Malware is constantly evolving in an attempt to steal data or make money for the people behind it. A new report by Malwarebytes Labs reveals the latest shift towards attacks that can avoid detection but also stay on a system to be reactivated later.
Using fileless malware is just one example among many attack methodologies currently evading traditional security defenses and maintaining persistence.
How I infected my phone with a virus


Smartphones are still shrouded by various myths. Reports say that long telephone conversations may cause tumors, your signal may weaken if you move too quickly, and strong signals from base stations could kill people. Whether or not these things are true remains a mystery, but one thing that we do know is real is the threat of mobile malware.
Malicious programs are able to steal funds from your bank account, extract personal information, lock your phone screen, and render a smartphone useless, among other things. According to Statista, as of March 2018, "the total number of Android malware detections amounted to over 26.6 million programs." All of this got me wondering about how easy it is to infect the phone with a virus, so I decided to try it out and document my journey.
BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.