Privacy warning: Android apps infected with SonicSpy spyware can record audio


Security researchers from Lookout are warning about a raft of spyware-infected apps that have been found in Google Play. Seemingly connected to Iraq, more than a thousand apps have been found to include SonicSpy spyware.
The spyware is embedded in a variety of legitimate-looking apps, such as messaging tools based on Telegram. One such example is an app called Soniac which was found to be capable of not only recording audio and retrieving contacts, but also taking photos and gathering phone logs. Lookout warns that SonicSpy is sneaky, and tries to hide from users to avoid detection.
Malicious SSL content more than doubles in six months


As the overall percentage of encrypted traffic increases, hackers are increasingly using SSL to conceal device infections, and hide their other activities.
A new study from Zscaler finds that an average of 60 percent of the transactions in the Zscaler security cloud have been delivered over SSL/TLS.
Amazon suspends Blu smartphone sales over spyware concerns


Amazon has once again decided to suspend sales of phones from the popular budget Android smartphone maker Blu, as many of its devices came preloaded with spyware.
The Miami-based company has been suspended from selling its phones on the e-commerce site after cybersecurity experts at Kryptowire revealed that software on its devices was collecting sensitive user data and sending it to China.
OpenAI framework used to create undetectable malware


Some of the most notable machine learning tools can be hijacked in order to create super-powerful malware capable of bypassing most anti-virus systems, researchers have claimed.
At the recent DEF CON event, security company Endgame revealed how it created customized malware using Elon Musk's own OpenAI framework that security engines were unable to detect.
NotPetya isn't your typical ransomware


Ransomware is often considered a somewhat low-stakes annoyance: in most cases, the data itself doesn’t leave the network and public operations aren’t compromised. NotPetya changed the game -- it’s shown us the potential of how wildly damaging ransomware infections can be from here on out. It can feel like science fiction at times, but it is now utterly reasonable to consider any data or device with a CPU and memory on your network as something that can be held hostage by ransomware.
Ransomware has proven to be a lucrative endeavor: more and more central and important systems are being targeted. Cryptolocker targeted family photos. Later variants somewhat indiscriminately encrypted any user file they had access to -- and last month, we saw NotPetya locking out machines entirely.
Fruitfly malware starts infecting Macs


A new version of the Mac malware dubbed Fruitfly has been spotted in the wild, and it’s unclear if the latest macOS is vulnerable to it or not.
This is according to former NSA hacker and chief security researcher at Synack, Patrick Wardle. He told ZDNet that the malware, which was first revealed back in January, can take full control of an infected machine, including files, camera, screen, and peripherals.
WikiLeaks: CIA analyzed Russian and Chinese malware to inspire its own hacking and surveillance tools


Some four months after the first Vault 7 leak, WikiLeaks continues to publish revealing CIA documents that detail the agency's ability to hack, infiltrate and surveil targets. The latest batch goes under the banner "UCL / Raytheon", and comprises documents from CIA contractor Raytheon Blackbird Technologies.
Dating from late 2014 and late 2015, the documents show how the CIA, through Raytheon Blackbird Technologies, monitored malware in the wild to see how it could be used by the agency. The documents cover tools produced by the infamous Hacking Team as well as the Russian HammerToss malware delivered via Twitter.
Goldeneye attack is not ransomware


On June 27, reports of a rapidly spreading ransomware attack started to emerge from Ukraine. The speed at which critical infrastructure networks were shutting down pointed to a ransomware application with a wormable component, whose virality called to mind the WannaCry ransomware. In less than three hours, the infection crippled banks, ATMs, public transport and an airport, as well as utilities provider Kyivenergo. Then it spread outside the Ukraine.
As multiple critical infrastructure networks reported major blackouts, Bitdefender started an internal investigation over isolated malware samples to trace the attack’s origin and better understand what it targeted, and how.
The US states with the highest malware infection rates


Computer users in New Hampshire are three times more likely than those elsewhere in the US to get a malware infection on their computers, according to a new report.
The study from Enigma Software Group (ESG), the company behind SpyHunter, analyzed over 1.5 million infections detected by SpyHunter across all 50 states in the first six months of this year.
Kaspersky BitScout tool lets security researchers collect forensic information


Just like in a real-life crime scene, forensic evidence for cyber-crimes must not be tampered with. That's why sometimes investigations take too long -- forensic researchers need a lot of time to reach the crime scene and extract malware samples without compromising evidence.
Kaspersky Lab identified this as a huge pain point in the combat against cyber-crime, and has since released a tool to help all researchers do their work faster and with more precision.
Petya author releases master decryption key for all versions of the ransomware


The Petya ransomware -- and several variants -- wreaked havoc with data around the world, but now the author of the original malware has released the master decryption key.
Janus Cybercrime Solutions has provided a key that works with all "official" variants of Petya (meaning NotPetya is not included). The key was released to -- of all places -- Mega, and its authenticity has been verified. While Petya has already been cracked, the key offers the fastest and most reliable decryption method yet.
Ukraine police raid accounting software company as part of NotPetya investigation


Police in the Ukraine have seized the servers of Intellect Service, a company supplying accounting software, as part of their investigation into the NotPetya ransomware attack.
A malicious update to Intellect's MeDoc accounting package is believed to have been responsible for some of the initial NotPetya infections.
Enterprises gear up to face the inevitability of cyber attacks


A new study finds that while attacks increase and financial losses continue to mount, a growing number of companies are preparing to respond to breaches.
The research from forensic security company Guidance Software finds that 54 percent of organizations feel well prepared to respond to a major breach in the coming year (up from 51 percent in 2016). Additionally, 25 percent of respondents say they're looking to build a formal security and incident management team within the next year, up from 12 percent in 2016.
Businesses spend $2,300 to deal with a malware attack


To remedy a malware attack, businesses need to shell out, on average, $2,300 per attack. This is according to a new report by Arbor Networks.
The report, produced in partnership with research organization 451 Research, says spear phishing attacks are still the most successful of all the different methods of entry.
Google Play fails to catch trojan-injected apps (again)


Getting your Android apps through Google Play is considered safe, but there are times when even the search giant's store is dangerous. Case in point, Kaspersky uncovered two more trojan-infected apps that weren't removed until they had over 60,000 installs.
Kaspersky security researcher Roman Unuchek reports that, since September 2016, he has discovered "several dozen new malicious apps" on Google Play, all of which "were rooting malware that used exploits to gain root rights on the infected device." Obviously, Google failed to catch any of those in time either.
BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.