Malware


NEWS 
  • New Virobot malware works as ransomware, keylogger, and botnet

    September 21, 2018

    A newly discovered malware strain is a multi-tasking threat that, besides working as ransomware and encrypting users’ files, can also log and steal their keystrokes and add infected computers to a spam-sending botnet. This new threat is named Virobot and appears to be under development, and is comprised of multiple components that allow it to work ...

  • Critical infrastructure will have to operate if there’s malware on it or not

    September 16, 2018

    As threats and cyber-attacks on critical infrastructure are expected to intensify in the near future, cyber-security experts believe that companies and government agencies should be prepared to operate networks whether or not there’s malware or a threat actor on the network. The idea is that cyber-attacks should not cause downtime of any form, and networks should be designed in a way ...

  • Osiris Banking Trojan Displays Modern Malware Innovation

    September 12, 2018

    Osiris’ fundamental makeup positions it in the fore of malware trends, despite being based on old source code that’s been knocking around for years. After staying dormant for a few years, the Kronos banking trojan resurfaced in July in a form dubbed Osiris. A wider analysis of how the banking trojan is evolving shows innovative development on ...

  • Bad Actors Sizing Up Systems Via Lightweight Recon Malware

    September 11, 2018

    These stealthy downloaders initially infect systems and then only install additional malware on systems of interest. Well-known financial crime gang Cobalt Group and other threat actors have recently shifted tactics to incorporate lightweight modular downloaders that “vet” target machines for their attractiveness before proceeding with a full-fledged attack. The emergence of the AdvisorsBot and Marap malwares, as ...

  • OilRig Sends an OopsIE to Mideast Government Targets

    September 5, 2018

    The Iran-linked group is using a variant of the data-exfiltration OopsIE trojan to attack a Mideast government entity. The OilRig group is back, using a reboot of the OopsIE trojan to pump information from its favorite resource: entities in the Middle East region. OilRig, which is also called Cobalt Gypsy, Crambus, Helix Kitten or APT34, is suspected ...

  • ‘CamuBot’ Banking Malware Ups the Trojan Game with Biometric Bypass

    September 4, 2018

    CamuBot is a unique malware targeting Brazilian bank customers that attempts to bypass biometric account protections. Brazilian bank customers are being warned of malware dubbed CamuBot that hides in plain sight and presents itself as a required end-user security module provided by a bank. The malware goes so far as to include bank logos that look and ...

  • Cobalt Group Targets Banks in Eastern Europe with Double-Threat Tactic

    August 30, 2018

    The campaign uses double infection points and two command-and-control servers. The infamous financial cybercrime gang known as Cobalt Group has been spotted actively pushing a fresh campaign that uses a peculiar tactic: Double infection points and two command-and-control (C2) servers. The Cobalt Group, a known financial cybercrime ring since 2016, has been suspected in attacks in dozens ...

  • How hackers managed to steal $13.5 million in Cosmos bank heist

    August 27, 2018

    Earlier this month, reports surfaced which suggested that Cosmos Bank, India’s oldest at 112 years old, had become the victim of a cyberattack which left the institution millions out of pocket. The attack reportedly took place in two stages between August 10 – 13. According to the Hindustan Times, malware was used on the bank’s ATM server ...

  • Spyware firm SpyFone leaves customer data, recordings exposed online

    August 24, 2018

    Spyware is morally dubious software, and yet, business is booming. This particular form of malware comes in various forms including keyloggers, modular software capable of taking screenshots, malicious code able to view and steal content such as photos and videos, as well as recorders of text messages, phone calls, and browser histories. It is not just government entities or ...

  • macOS users targeted by new Lazarus attack

    August 23, 2018

    If you’re into cryptocurrency trading, you might want to pay attention, because a new malware is making rounds that’s stealing people’s money from crypto exchanges. And no, macOS is not safe either, there’s a version for Apple’s operating system, as well. Kaspersky Lab’s researchers from the Global Research and Analysis Team (GReAT) announced they discovered malware dubbed AppleJeus. In ...