Articles about Malware

How email filters can improve malware protection

Spam has been around since the earliest days of email. While many spam messages are poorly written and reek of malicious intent, others are less conspicuous. Cyber-criminals can slyly embed malware and ransomware into emails that can do serious damage if opened.

Fortunately, today’s email filtering systems do an excellent job of finding and isolating these messages. Here we’ll examine the details of email filtering and why email filters should never be taken for granted.

Invisible malware targets financial information

Researchers at Kaspersky Lab have uncovered a series of targeted attacks that use legitimate software to avoid detection.

The attacks employ widely available penetration-testing and administration tools as well as the PowerShell framework for task automation in Windows. They drop no malware files onto the hard drive, but hide in the memory.

The US cities with the highest malware infection rates

Computers located in Tampa, Orlando, and St. Louis are more likely than those in other US cities to be infected with malware.

This is according to a new report from ESG, the company behind the SpyHunter anti-spyware program. It compiled its results from SpyHunter detection data across the 100 largest cities in the United States in 2016.

Android malware HummingBad is back on Google Play

A common recommendation that Android users get for avoiding malware is to stick with Google Play and not download any apps from other sources. Trouble is, as HummingBad proved early last year by penetrating the search giant's defenses, that advice is not exactly bullet-proof.

The malware generated $300,000 in revenue every month and infected over 85 million devices, which, at the time, ran popular versions of Android, like KitKat and Jelly Bean. It was also one of the most dangerous pieces of malware in 2016, representing 72 percent of attacks on mobile and ranking fourth in Check Point's list of "the most prevalent malware globally" in the first half of the year. But that is not the end of the saga, as a new variant, called HummingWhale, has been found on Google Play.

Hacking group uses Google services to control malware

Carbanak, a powerful cyber-crime group, is using certain Google services as command and control for its malware and other malicious elements. The news was released by cybersecurity firm Forcepoint this week.

Forcepoint uncovered a trojanized RTF document, which, once run, will "send and receive commands to and from Google Apps Script, Google Sheets, and Google Forms services."

Insiders or outsiders, which is the greater threat?

Historically, the idea of a hacker has always conjured up images of the outsider trying to gain access to government or corporate systems.

But in recent years it's become clear that insiders can present just as big a threat, whether from malicious intent or just careless use of systems.

Bigger than Mirai: Leet Botnet delivers 650 Gbps DDoS attack with 'pulverized system files'

Earlier in the year, a huge DDoS attack was launched on Krebs on Security. Analysis showed that the attack pelted servers with 620 Gbps, and there were fears that the release of the Mirai source code used to launch the assault would lead to a rise in large-scale DDoS attacks. Welcome Leet Botnet.

In the run-up to Christmas, security firm Imperva managed to fend off a 650 Gbps DDoS attack. But this was nothing to do with Mirai; it is a completely new form of malware, but is described as "just as powerful as the most dangerous one to date". The concern for 2017 is that "it's about to get a lot worse".

Protecting against man in the browser attacks

The web-enabled generation has become increasingly reliant on technology for everyday activities. Cloud services, social networks, web extensions, plug-ins and online games are all growing in popularity and, as such, are replacing desktop applications. This heightened use of mobile web browsers has opened the back door to cybercriminals, who now have new channels to implement browser-based attacks, spread malware and maximize infection campaigns.

Traditional "man in the browser attacks" (MITB) have been given a new lease of life as a result of the latest types of malware, distribution models and special features. Cybercriminals are becoming ever more sophisticated, injecting JavaScript code into web pages to steal user credentials or hijack data, such as those used for online banking.

Super Mario Run is bad news for everyone -- especially Android users

When Apple announced that Mario was making his way to iOS, there was much rejoicing. But the excitement soon gave way to disappointment for several reasons. Firstly there was the price, with many feeling $9.99 was just too much to ask for what is, ultimately, a very basic, one-button platformer.

Next there's the complaint that Super Mario Run requires constant access to the internet -- many users have also grumbled that the game has eaten through large chunks of their monthly data allowance. Nintendo may have made a pretty penny from sales of the title in the first few days, but the company's share price has tumbled. On top of this, just as happened with Pokémon Go, the initial success of the game is being used to push malware at users.

New technology stops mobile malware calling home

Modern day malware is all about stealing, whether it's data or money. That means to be effective it needs to communicate with its command and control servers.

A new technology released by cloud-based anti-malware company Percipient Networks for its Strongarm product aims to break this link without the need for VPNs or other potentially hard to implement solutions.

Popcorn Time ransomware asks victims to infect other computers to decrypt their own files

Ransomware is the malware du jour and those seeking to extract money from victims have started to use a pyramid scheme system to increase the rate of infection. Not content with encrypting a victim's files and holding them to ransom, the Popcorn Time ransomware encourages those who have been struck to pass on the infection.

As is the norm with ransomware, Popcorn Time gives the victim the chance to pay a Bitcoin ransom to decrypt their files, but it also offers a self-described "nasty way" to unlock files for free. Think of it as a ransomware referral scheme.

Mirai malware spreads to routers in new countries

According to security firm Flashpoint, the latest strain of the Mirai malware responsible for infecting Deutsche Telekom routers has spread to devices in at least 10 countries other than Germany.

The firm has discovered that the new strain of Mirai has infected routers in places like the UK, Brazil, Iran and Thailand. It is still unknown how many devices have been infected in total, but Flashpoint estimates that five million devices could be vulnerable to the malware.

New Android malware breaches over a million Google accounts

Researchers at cyber security company Check Point have uncovered a new malware variant that has breached more than a million accounts and is infecting over 13,000 Android devices a day.

Called Gooligan, the malware roots Android devices and steals email addresses and authentication tokens stored on them. With this information, attackers are able to access users' sensitive data from Gmail, Google Photos, Google Docs, Google Play, and G Suite.

Sophisticated social engineering attacks target hotel chains

In the run-up to one of the hospitality industry's busiest periods, cyber criminals are targeting hotel chains with a series of targeted attacks.

Cyber security company Trustwave has investigated the attacks, which combine social engineering with sophisticated malware, against a number of its clients in the past month.

The lure of keygens helps spread Gatak malware through the enterprise and healthcare industry

Malware spreads through various channels, and numerous methods are used to fool people into unwittingly installing it. In many cases, the promise of getting something for free -- namely expensive software -- is enough to trick a victim into infecting their own computer.

It's far from being a new tactic, and warnings have been issued to fans of torrenting for some time. Keygens (small programs that promise to provide unlock codes and product keys for big-name software titles) are being used to help spread the Gatak or Stegoloader Trojan. Something that is interesting about this malware campaign is that it is specifically targeting enterprise users, with a particular focus on the healthcare industry.

BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.
