Malware


NEWS 
  • After Windows and Android, Operation Emmental Starts Targeting Apple Users

    July 11, 2017

    Security experts have discovered new malware that is specifically aimed at Apple customers, after previously targeting users running Windows and Android on their devices. Believed to be part of Operation Emmental, which was first spotted in 2012, the new malware is called Dok and is primarily targeting customers of Swiss banks, according to an in-depth analysis ...

  • Private Decryption Key For Original Petya Ransomware Released

    July 7, 2017

    Rejoice Petya-infected victims! The master key for the original version of the Petya ransomware has been released by its creator, allowing Petya-infected victims to recover their encrypted files without paying any ransom money. But wait, Petya is not NotPetya. Do not confuse Petya ransomware with the latest destructive NotPetya ransomware (also known as ExPetr and Eternal Petya) attacks ...

  • Ukrainian Police Seize Servers of Software Firm Linked to NotPetya Cyberattack

    July 5, 2017

    Ukrainian National Police has released a video showing officers raiding company of M.E.Doc accounting software makers, whose systems have been linked to outbreak of Petya (NotPetya) ransomware that recently infected computers of several major companies worldwide. On 4th July, masked police officers from Ukrainian anti-cybercrime unit — carrying shotguns and assault rifles — raided the software ...

  • Researchers Find BlackEnergy APT Links in ExPetr Code

    July 3, 2017

    Researchers have found links between the BlackEnergy APT group and threat actors behind the ExPetr malware used in last month’s global attacks. According to researchers at Kaspersky Lab, there are strong similarities between older versions of BlackEnergy’s KillDisk ransomware compared to ExPetr code. Parallels were first identified in targeted extensions used by both BlackEnergy and ExPetr, ...

  • Security researcher creates ‘vaccine’ against ransomware attack

    June 28, 2017

    A vaccination for the global cyber attack that infected thousands of machines in dozens of countries has been discovered by an American security researcher. The simple antidote to the Petya ransomware, which stops computers from being able to launch and demands a $300 (£234) payment, uses an empty folder to block the virus from working. It could prevent further ...

  • Petya cyber attack: Ransomware spreads across Europe with firms in Ukraine, Britain and Spain shut down

    June 27, 2017

    Major firms, airports and government departments in Ukraine have been struck by a massive cyber attack which began to spread across Europe on Tuesday afternoon. In Ukraine, government departments, the central bank, a state-run aircraft manufacturer,  the airport in Kiev and  the metro network have all been paralysed by the hack. In the UK, the advertising firm WPP said ...

  • Brutal Kangaroo: CIA-developed Malware for Hacking Air-Gapped Networks Covertly

    June 22, 2017

    WikiLeaks has published a new batch of the ongoing Vault 7 leak, this time detailing a tool suite – which is being used by the CIA for Microsoft Windows that targets “closed networks by air gap jumping using thumb drives,” mainly implemented in enterprises and critical infrastructures. Air-gapped computers that are isolated from the Internet or ...

  • Microsoft to Remove SMBv1 Protocol in Next Windows 10 Version (RedStone 3)

    June 20, 2017

    The Server Message Block version 1 (SMBv1) — a 30-year-old file sharing protocol which came to light last month after the devastating WannaCry outbreak — will be removed from the upcoming Windows 10 (1709) Redstone 3 Update. The SMBv1 is one of the internet’s most ancient networking protocols that allows the operating systems and applications to ...

  • University College London Suffers Major Ransomware Attack

    June 16, 2017

    The University College London (UCL) has been hit by a major ransomware attack on June 15, with the infection reaching personal and shared drives in the network. UCL admins explained in updates posted on the official website that the infection was most likely possible because of a zero-day, pointing out that antivirus systems failed to detect ...

  • US Warns of ‘DeltaCharlie’ – A North Korean DDoS Botnet Malware

    June 14, 2017

    The United States government has released a rare alert about an ongoing, eight-year-long North Korean state-sponsored hacking operation. The joint report from the FBI and U.S. Department of Homeland Security (DHS) provided details on “DeltaCharlie,” a malware variant used by “Hidden Cobra” hacking group to infect hundreds of thousands of computers globally as part of its ...