Malware


NEWS 
  • Malware infecting Androids somewhere in the supply chain

    March 12, 2017

    Smartphones from Samsung, LG, Xiaomi, ZTE, Oppo, Vivo, Asus and Lenovo have been spotted sporting malware they apparently carried when they were shipped. The malware discovered by Check Point Software Technologies included info-stealers, ransomware like Slocker; Loki, which shows “illegitimate advertisements” to generate revenue while stealing device information; and information stealers. Check Point says it found infections ...

  • Undetectable Mac Malware Proton for Sale on the Dark Web for 40 BTC

    March 6, 2017

    Hackers are now selling malware for Mac devices straight out on the dark web. They claim the malware is undetectable and provides hackers with the ability to take full control over MacOS devices by evading antivirus software. Proton, as it has been named, the malware is a Remote Administration Tool that is currently being sold over ...

  • This hard drive will self destruct. Data-wiping malware targets Europe

    March 6, 2017

    Shamoon—the mysterious disk wiper that popped up out nowhere in 2012 and took out more than 35,000 computers in a Saudi Arabian-owned gas company before disappearing—is back. Its new, meaner design has been unleashed three time since November. What’s more, a new wiper developed in the same style as Shamoon has been discovered targeting a ...

  • New Fileless Malware Uses DNS Queries To Receive PowerShell Commands

    March 5, 2017

    It is no secret that cybercriminals are becoming dramatically more adept, innovative, and stealthy with each passing day. While new forms of cybercrime are on the rise, traditional activities seem to be shifting towards more clandestine techniques that involve the exploitation of standard system tools and protocols, which are not always monitored. The latest example of such ...

  • Dridex Banking Trojan Gains ‘AtomBombing’ Code Injection Ability to Evade Detection

    March 1, 2017

    Security researchers have discovered a new variant of Dridex – one of the most nefarious banking Trojans actively targeting financial sector – with a new, sophisticated code injection technique and evasive capabilities called “AtomBombing.” On Tuesday, Magal Baz, security researcher at Trusteer IBM disclosed new research, exposing the new Dridex version 4, which is the latest ...

  • Google Discloses Another ‘High Severity’ Microsoft Bug

    February 27, 2017

    Google Project Zero disclosed Monday a “high severity” vulnerability it found in Microsoft’s Edge and Internet Explorer browsers that could allow remote attackers to execute arbitrary code. The revelation adds yet another vulnerability to a growing list of known bugs Microsoft has been warned about, but is leaving unpatched, this month as it grapples with ...

  • Security researchers announce “first practical” SHA-1 collision attack

    February 23, 2017

    Security researchers at the CWI institute in Amsterdam working with a team from Google Research say they have found a faster way to compromise the SHA-1 hash algorithm — announcing what they describe as “the first practical technique for generating a SHA-1 collision” in a blog post today. A ‘collision’ here refers to being able to ...

  • Serious Bug Exposes Sensitive Data From Millions Sites Sitting Behind CloudFlare

    February 22, 2017

    A severe security vulnerability has been discovered in the CloudFlare content delivery network that has caused big-name websites to expose private session keys and other sensitive data. CloudFlare, a content delivery network (CDN) and web security provider that helps optimize safety and performance of over 5.5 Million websites on the Internet, is warning its customers of ...

  • Malware Attack on Polish Banks Uses Russian as False Flag, Linked to Lazarus

    February 21, 2017

    Hackers involved in the attack on Polish banks seem to have faked some of the code lines, making it seem as if they were Russians. The truth is, however, the lines don’t make sense to native speakers and an online translator may have been used. A recent sophisticated attack campaign targeted financial organizations from many countries, ...

  • Malware Hijacks Microphones to Spy On Ukrainian Businesses, Scientists and Media

    February 20, 2017

    Ukraine has once again been a target of a potential hacking attack that infected computer systems from dozens of Ukrainian businesses with highly sophisticated malware, allowing hackers to exfiltrate sensitive data and eavesdrop on their network. Late last year, the country also suffered a power outage caused by the same group of hackers that targeted Ukraine’s ...

  • New TeamSpy Malware Campaign Turns TeamViewer into Spy Tool

    February 20, 2017

    TeamSpy is back and it’s turning TeamViewer into the spying tool that no one wants. According to security firm Heimdal, a new spam campaign emerged over the weekend, carrying the TeamSpy malware which can give hackers full access to a compromised computer. This isn’t a new type of malware whatsoever. In fact, back in 2013, it was ...

  • Israeli Military Targeted by Android Mobile Surveillance Malware

    February 16, 2017

    According to Kaspersky Lab, starting in mid last year, over 100 Israeli servicemen were hit by an attack that exfiltrated data to the attackers’ command and control servers. Then, the devices were pushed Trojan updates allowing the hackers to extend their capabilities. Experts believe the campaign is still ongoing and in its early stages, targeting Android ...

  • New Windows Trojan Spreads MIRAI Malware To Hack More IoT Devices

    February 9, 2017

    MIRAI – possibly the biggest IoT-based malware threat that emerged last year, which caused vast internet outage in October last year by launching massive distributed denial-of-service (DDoS) attacks against the popular DNS provider Dyn. Now, the infamous malware has updated itself to boost its distribution efforts. Researchers from Russian cyber-security firm Dr.Web have now uncovered a Windows ...

  • Watch Out! First-Ever Word Macro Malware for Apple Mac OS Discovered in the Wild

    February 9, 2017

    After targeting Windows-based computers over the past few years, hackers are now shifting their interest to Macs as well. The emergence of the first macro-based Word document attack against Apple’s macOS platform is the latest example to prove this. The concept of Macros dates back to 1990s. You might be familiar with the message that reads: “Warning: ...

  • Invisible Malware Found in Banking Systems in over 40 Countries

    February 7, 2017

    Banks, telcos, and even governmental agencies in the United States, South America, Europe, and Africa are being targeted by hackers in a series of ongoing attacks that are extremely difficult to detect. According to a new Kaspersky Lab report, at least 140 banks and other enterprises have been infected by malware that’s nearly invisible. Although this ...

  • Polish Banks Hacked using Malware Planted on their own Government Site

    February 6, 2017

    In what considered to be the largest system hack in the country’s history and a massive attack on the financial sector, several banks in Poland have been infected with malware. What’s surprising? The source of the malware infection is their own financial regulator, the Polish Financial Supervision Authority (KNF) — which, ironically, is meant to keep ...

  • Dridex Is Back, Uses New Windows UAC Bypass Method

    January 30, 2017

    Banking malware Dridex is back and it’s worse, targeting British financial institutions with a new technique that has the capability of bypassing Windows User Account Control. Researchers at security firm Flashpoint detected small phishing and spear-phishing campaigns targeting specific recipients. The messages contained macros in document attachments that allowed the download of the Dridex malware. This User ...

  • New Trojan Turns Thousands Of Linux Devices Into Proxy Servers

    January 25, 2017

    A new Trojan has been discovered in the wild that turns Linux-based devices into proxy servers, which attackers use to protect their identity while launching cyber attacks from the hijacked systems. Dubbed Linux.Proxy.10, the Trojan was first spotted at the end of last year by the researchers from Russian security firm Doctor Web, who later identified ...

  • Over 199,500 Websites Are Still Vulnerable to Heartbleed OpenSSL Bug

    January 22, 2017

    It’s more than two and half years since the discovery of the critical OpenSSL Heartbleed vulnerability, but the flaw is still alive as it appears that many organizations did not remediate properly to the serious security glitch. It was one of the biggest flaws in the Internet’s history that affected the core security of as many ...

  • How A Bug Hunter Forced Apple to Completely Remove A Newly Launched Feature

    January 20, 2017

    Recently Apple released a new Feature for iPhone and iPad users, but it was so buggy that the company had no option other than rolling back the feature completely. In November, Apple introduced a new App Store feature, dubbed “Notify” button — a bright orange button that users can click if they want to be alerted ...