Windows botnet spreads Mirai malware
Security researchers from Kaspersky Lab are currently investigating the first Windows-based spreader for the Mirai malware, something that can have huge implications for companies that invested heavily in IoT.
The spreader was apparently built by someone with "more advanced skills" than those who created the original Mirai malware. This, Kaspersky Lab says, has "worrying implications for the future use and targets of Mirai-based attacks."
New macOS malware steals passwords and iPhone backups
Cyber security firm Bitdefender says it has recently uncovered a new type of malware which targets macOS users. The company says that the malware, which it has dubbed Xagent, is capable of stealing passwords, taking screenshots and grabbing iPhone backups stored on the machine.
Bitdefender says it still can’t be absolutely certain of who is behind the malware, but all evidence points in the direction of the APT28 cybercrime group. The company says this group uses the same dropper / downloader, as well as the same control center URLs. On top of that, Bitdefender says the same artifacts have been hardcoded in the binary files.
89 percent of consumers don't pay for mobile malware protection
A new survey reveals that a large majority of mobile users do not currently pay for malware protection. However, 61 percent say they do want, and are willing to pay for, protection services from their service provider.
The study from security solutions company Allot Communications shows that rather than independently seek out, evaluate and download security apps for each of their mobile devices, consumers would like a one-stop-shop for online protection for themselves and their families. This presents communication service providers (CSPs) with an opportunity to sell an extra service, which many of them are not taking advantage of.
How email filters can improve malware protection
Spam has been around since the earliest days of email. While many spam messages are poorly written and reek of malicious intent, others are less conspicuous. Cyber-criminals can slyly embed malware and ransomware into emails that can do serious damage if opened.
Fortunately, today’s email filtering systems do an excellent job at finding and isolating these messages. Here we’ll examine the details of email filtering and why they should never be taken for granted.
Invisible malware targets financial information
Researchers at Kaspersky Lab have uncovered a series of targeted attacks that use legitimate software to avoid detection.
The attacks employ widely available penetration-testing and administration tools as well as the PowerShell framework for task automation in Windows. They drop no malware files onto the hard drive, but hide in the memory.
The US cities with the highest malware infection rates
Computers located in Tampa, Orlando, and St. Louis are more likely than those in other US cities to be infected with malware.
This is according to a new report from ESG, the company behind the SpyHunter anti-spyware program. It compiled its results from SpyHunter detection data across the 100 largest cities in the United States in 2016.
Android malware HummingBad is back on Google Play
A common recommendation that Android users get for avoiding malware is to stick with Google Play and not download any apps from other sources. Trouble is, as HummingBad proved early last year by penetrating the search giant's defenses, that advice is not exactly bullet-proof.
The malware generated $300,000 in revenue every month and infected over 85 million devices, which, at the time, ran popular versions of Android, like KitKat and Jelly Bean. It was also one of the most dangerous pieces of malware in 2016, representing 72 percent of attacks on mobile and ranking fourth in Check Point's list of "the most prevalent malware globally" in the first half of the year. But that is not the end of the saga, as a new variant, called HummingWhale, has been found on Google Play.
Hacking group uses Google services to control malware
Carbanak, a powerful cyber-crime group, is using certain Google services as command and control for its malware and other malicious elements. The news was released by cybersecurity firm Forcepoint this week.
Forcepoint uncovered a trojanized RTF document, which, once run, will "send and receive commands to and from Google Apps Script, Google Sheets, and Google Forms services."
Insiders or outsiders, which is the greater threat?
Bigger than Mirai: Leet Botnet delivers 650 Gbps DDoS attack with 'pulverized system files'
Earlier in the year, a huge DDoS attack was launched on Krebs on Security. Analysis showed that the attack pelted servers with 620 Gbps, and there were fears that the release of the Mirai source code used to launch the assault would lead to a rise in large-scale DDoS attacks. Welcome Leet Botnet.
In the run-up to Christmas, security firm Imperva managed to fend off a 650 Gbps DDoS attack. This had nothing to do with Mirai; it is a completely new form of malware, yet it is described as "just as powerful as the most dangerous one to date". The concern for 2017 is that "it's about to get a lot worse".
Protecting against man in the browser attacks
The web-enabled generation has become increasingly reliant on technology for everyday activities. Cloud services, social networks, web extensions, plug-ins and online games are all growing in popularity and, as such, are replacing desktop applications. This heightened use of mobile web browsers has opened the back door to cybercriminals, who now have new channels to implement browser-based attacks, spread malware and maximize infection campaigns.
Traditional "man in the browser attacks" (MITB) have been given a new lease of life as a result of the latest types of malware, distribution models and special features. Cybercriminals are becoming ever more sophisticated, injecting JavaScript code into web pages to steal user credentials or hijack data, such as those used for online banking.
Super Mario Run is bad news for everyone -- especially Android users
When Apple announced that Mario was making his way to iOS, there was much rejoicing. But the excitement soon gave way to disappointment for several reasons. Firstly there was the price, with many feeling $9.99 was just too much to ask for what is, ultimately, a very basic, one-button platformer.
Next there's the complaint that Super Mario Run requires constant access to the internet -- many users have also grumbled that the game has eaten through large chunks of their monthly data allowance. Nintendo may have made a pretty penny from sales of the title in the first few days, but the company's share price has tumbled. On top of this, just as happened with Pokémon Go, the initial success of the game is being used to push malware at users.
New technology stops mobile malware calling home
Modern day malware is all about stealing, whether it's data or money. That means to be effective it needs to communicate with its command and control servers.
A new technology released by cloud-based anti-malware company Percipient Networks for its Strongarm product aims to break this link without the need for VPNs or other potentially hard to implement solutions.
Popcorn Time ransomware asks victims to infect other computers to decrypt their own files
Ransomware is the malware du jour and those seeking to extract money from victims have started to use a pyramid scheme system to increase the rate of infection. Not content with encrypting a victim's files and holding them to ransom, the Popcorn Time ransomware encourages those who have been struck to pass on the infection.
As is the norm with ransomware, Popcorn Time gives the victim the chance to pay a Bitcoin ransom to decrypt their files, but it also offers a self-described "nasty way" to unlock files for free. Think of it as a ransomware referral scheme.
Mirai malware spreads to routers in new countries
According to security firm Flashpoint, the latest strain of the Mirai malware responsible for infecting Deutsche Telekom routers has spread to devices in at least 10 countries other than Germany.
The firm has discovered that the new strain of Mirai has infected routers in places like the UK, Brazil, Iran and Thailand. It is still unknown how many devices have been infected in total, but Flashpoint estimates that five million devices could be vulnerable to the malware.
BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.
