Tag: Malware
A group of attackers are behind a strain of payment card malware that has bootkit functionality, something that makes it very difficult to detect, much less remove. “FIN1,” the group behind the malware, appears to be based in Russia, according to researchers at both FireEye and Mandiant who described the group on Monday. The two...
A new analysis of the Sofacy APT gang, a Russian-speaking group carrying out targeted attacks against military and government offices for close to a decade, shows a relentless wave of intrusions peaking this summer against victims in a number of NATO countries and the Ukraine. Researchers at Kaspersky Lab this morning released their update on...
As expected, it didn’t take long for one of the most popular exploit kits, Angler, to start spreading the latest iteration of Cryptowall ransomware. A drive-by campaign that uses a one-two punch to drop Cryptowall 4.0 has been observed in the wild this week, according to researchers at Heimdal Security. First, the password stealing malware Pony...
An APT gang linked to China and alleged to be responsible for targeted attacks against foreign governments and ministries, has now pointed its focus inward at China’s autonomous territory Hong Kong. An August attack against several media companies in Hong Kong was carried out shortly after a high-profile controversy over an appointment at the prestigious...
In short order, the newest version of Cryptowall has begun showing up in exploit kits. The SANS Internet Storm Center said on Tuesday that an attacker working off domains belonging to Chinese registrar BizCN has been moving the ransomware via the Nuclear Exploit Kit. SANS ISC handler and Rackspace security engineer Brad Duncan said that...
A remote access Trojan used sparingly in targeted attacks has been found after living under cover for three years, undetected by most security gear. The RAT, dubbed GlassRAT, was signed with a certificate belonging to a popular Chinese software company with hundreds of millions of users worldwide. The RAT was used to spy on Chinese...
Mac malware is a thing. It’s real. Granted it hasn’t reached the critical mass of malicious code for Windows, but recent encounters with WireLurker, XcodeGhost and YiSpecter among others have elevated the conversation to levels where it’s been legitimized. Adding further credence, Google-owned online malware scanner VirusTotal this week announced the availability of sandbox execution...
9 November 2015 - 11:57, in News
It’s about six weeks since we first wrote about XcodeGhost. That’s the Apple Mac malware that was specially created by crooks in China to create iOS malware. You read that correctly. Just as the infamous Stuxnet virus tried to infect PCs with the ultimate goal (allegedly) of indirectly infecting uranium centrifuge controllers, so XcodeGhost aims...
6 November 2015 - 13:57, in News
We’ve written about ransomware a lot, because it’s such an odious and in-your-face sort of threat. Ironically, ransomware isn’t actually the most dangerous or insidious sort of malware. Ransomware crooks don’t steal your data covertly, or keep track of you via your webcam, or try to read your emails over an extended period for competitive...
4 November 2015 - 17:00, in News
First, the trick: on Halloween night, PageFair got hit by a Trojan masquerading as an Adobe Flash update. Then, the treat: the company managed to eschew non-apology mumbo-jumbo to issue a detailed, satisfyingly remorseful apology. Beginning late Sunday night, the day after the company discovered the attack, PageFair CEO Sean Blanchfield published a series of updated...