Articles about Malware

WikiLeaks releases Marble source code, used by the CIA to hide the source of malware it deployed

Today, WikiLeaks publishes the third installment of its Vault 7 CIA leaks. We've already had the Year Zero files which revealed a number of exploits for popular hardware and software, and the Dark Matter batch which focused on Mac and iPhone exploits.

Now we have Marble to look at. A collection of 676 source code files, the Marble cache reveals details of the CIA's Marble Framework tool, used to hide the true source of CIA malware, sometimes going as far as making it appear to originate from countries other than the US.

Three-quarters of organizations not confident in dealing with SSL-based attacks

Despite 39 percent of businesses suffering an SSL-based attack in 2016, only 25 percent feel confident in their ability to deal with one, according to a new study.

The report from cyber security company Radware shows that cyber attacks are becoming the norm, with 98 percent of organizations experiencing some form of attack in 2016.

Malware campaign targets users in Latin America

A modified version of a threat that first appeared in 2014 is successfully targeting users in Latin America according to the SPEAR research team at threat prevention specialist Cylance.

Attackers using the El Machete malware -- first identified by Kaspersky -- have moved to new C2 (command and control) infrastructure, based largely around dynamic DNS domains, in addition to making some minimal changes to the malware in order to evade signature-based detection.

Storm Stella leads to spike in malware infections

Earlier this week, Storm Stella not only left parts of the North East US with up to three feet of snow, it led to an increase in malware infections too.

According to data released by Enigma Software, the company behind SpyHunter, infections jumped by between 15 and 90 percent in some areas hit hard by the storm.

Malware hidden deeper in installer packages to evade detection

Microsoft's Malware Protection Center has identified a new wave of NSIS (Nullsoft Scriptable Install System) installers that seek to evade detection by burying malware deeper in the code.

The changes have been seen in installers that drop ransomware like Cerber, Locky, and others. The installers try to look as normal as possible by incorporating non-malicious components that usually appear in legitimate installers.

Your Samsung, LG, Xiaomi, or other Android smartphone could be pre-loaded with malware

Despite being based on the very secure Linux kernel, Android isn't necessarily a very secure operating system. Unlike iOS, which does a great job of shielding its users from installing apps from outside Apple's own App Store, it is far too easy to do so on Google's mobile OS. Also, there is nothing requiring manufacturers to issue device updates, meaning many users are forced to use outdated and vulnerable versions of the operating system.

For the most part, however, Android users can remain safe by acting intelligently, such as only installing apps from the Play Store. Well, that might not be so true anymore. You see, it has been discovered that many models of Android smartphones -- from manufacturers such as Samsung, LG, and even Google's own Nexus line -- are being sold with malware pre-installed. This is particularly bad malware, as it can steal user information. Some devices even came pre-loaded with ransomware!

Intel Security releases EFI rootkit checker for MacBooks after CIA hacking leaks

The Vault 7 leaks this week suggest that the CIA has been able to exploit vulnerabilities in a wide range of popular hardware and software, including Windows, macOS and Linux. One of the suggestions is that the agency produced EFI (Extensible Firmware Interface) rootkits for MacBooks called DarkMatter.

To help calm the fears of MacBook owners, Intel Security has pushed out a tool to check for such rootkits. Apple issued a statement earlier this week indicating that it had addressed "many of the issues" exposed by WikiLeaks, but Intel Security's further intervention will bring some peace of mind to concerned users.

Kaspersky brings you the smell of malware

When your job is writing about technology, you get used to the somewhat off-the-wall ways companies come up with to promote their products.

Kaspersky's latest endeavour, though, had us scrambling for the calendar to check whether it was April 1st, as the company is launching a fragrance. Described as 'threatening yet provocative', the rather disturbingly named Threat de Toilette comes, like all the best scents, in pour femme and pour homme versions.

Kaspersky discovers StoneDrill wiper malware

Security researchers from Kaspersky Lab have found a very powerful piece of malware, one which is capable of completely wiping the contents of a disk. Announcing the finding, the security company says the malware, which it dubbed StoneDrill, has been found on just two machines so far, one in the Middle East and one in Europe.

The researchers claim StoneDrill is both similar to and "very different and more sophisticated" than another wiper malware -- Shamoon 2.0. They actually stumbled upon StoneDrill while investigating Shamoon 2.0.

Companies need to work together to combat malvertising

Advertising agencies, search engines and cybersecurity specialists should work collectively to tackle the security threat from rising malvertising.

According to Ben Williams, head of operations and communications at Adblock Plus, unless this happens more users will be exposed to potential security compromises such as malware and phishing, and this will drive further adoption of adblockers as a solution to these threats.

Advertising Trojans become top mobile malware threat

Mobile malware detection almost tripled in 2016 and advertising Trojans exploiting super-user rights became the top threat.

These are among the findings of Kaspersky Lab's 2016 Mobile Threat report released today, which looks at reports generated by the company's mobile products.

New DDoS capabilities uncovered in Necurs botnet

The Necurs botnet is one of the largest around at the moment and is principally known for sending spam including the Locky ransomware.

However, new research from BitSight's Anubis Labs has uncovered a new component being loaded in infected systems that allows it to use bots to enable proxy communications and perform DDoS attacks.

Windows botnet spreads Mirai malware

Security researchers from Kaspersky Lab are currently investigating the first Windows-based spreader for the Mirai malware, something that can have huge implications for companies that invested heavily in IoT.

The spreader was apparently built by someone with "more advanced skills" than those that had created the original Mirai malware. This, Kaspersky Lab says, has "worrying implications for the future use and targets of Mirai-based attacks."

New macOS malware steals passwords and iPhone backups

Cyber security firm Bitdefender says it has recently uncovered a new type of malware which targets macOS users. The company says that the malware, which it has dubbed Xagent, is capable of stealing passwords, taking screenshots and grabbing iPhone backups stored on the machine.

Bitdefender says it still can't be absolutely certain of who is behind the malware, but all evidence points in the direction of the APT28 cybercrime group. The company says this group uses the same dropper / downloader, as well as the same control center URLs. On top of that, Bitdefender says the same artifacts have been hardcoded in the binary files.

89 percent of consumers don't pay for mobile malware protection

A new survey reveals that a large majority of mobile users do not currently pay for malware protection. However, 61 percent say they do want, and are willing to pay for, protection services from their service provider.

The study from security solutions company Allot Communications shows that rather than independently seek out, evaluate and download security apps for each of their mobile devices, consumers would like a one-stop-shop for online protection for themselves and their families. This presents communication service providers (CSPs) with an opportunity to sell an extra service, which many of them are not taking advantage of.

BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.
