Malware News, Articles and Updates

qkG Filecoder ransomware exploits macros and self-replicates

Early variants of a self-replicating ransomware implemented entirely in VBA macros were discovered last week.

Symantec updates Management console product

Symantec released an update to its Management Console product to patch a vulnerability that can leave users susceptible to a directory traversal exploit.

Mobile malware a universal threat around the globe: Check Point

When it comes to avoiding mobile malware no company anywhere on the planet is immune.

Montgomery County (Ill.) government offices taken offline by malware

The Montgomery County Emergency Management Agency reported that much of the county's computer system went down last week due to what it is calling a malware incident.

New Kaspersky report offers alternate theory for how NSA hacking tools were stolen

Seeking to prove its anti-virus software did not help Russian cyber spies steal U.S. hacking tools from an NSA contractor's laptop, Kaspersky Lab has released findings from an internal probe, including apparent evidence that said laptop had been infected with malware.

Star Wars Sith Droid botnets hijack send-to-a-friend modules to send spam

Forces of the dark side are hijacking send-to-a-friend (a.k.a. share-with-a-friend) social sharing modules to send random Star Wars quotes and malicious links.

New IcedID banking trojan already rivals worst of its malware peers

A newly discovered banking trojan, targeting U.S. financial institutions and services since at least September, is already as advanced in its capabilities as its predecessors Zeus, Gozi, and Dridex, researchers from IBM have reported.

Coinhive cryptocurrency miner jumps onto Check Point's Most Wanted Malware list

Cryptocurrency miners are becoming one of the most prolific threats facing everyone from CISOs to consumers, with Check Point naming this type of malicious software to its Ten Most Wanted Malware list for October.

Man charged for using vDOS hacker for hire against Minnesota firm

Federal prosecutors are charging John Kelsey Gammell with using hackers for hire to launch DDoS attacks against former employers.

RDP brute force attacks used to spread LockCrypt ransomware

Hackers have been breaking into corporate servers via RDP brute-force attacks and manually infecting them with a new variant of ransomware called LockCrypt.

Google study finds phishing attacks more efficient than data breaches

A recent Google study found that phishing attacks are more efficient than data breaches at getting criminals into victim's accounts.

Ordinypt wiper ransomware targets German businesses

Another wiper malware posing as a ransomware is targeting German businesses under the guise of fake job applicants inquiring about openings.

Michigan to implement 211 cybercrime hotline

A Michigan non-profit is working with federal, state, and local law enforcement to add services to the already established 211 system to serve victims of cybercrimes.

Windows Movie Maker scammers leverage Google SEO

While SEO best practices help brands reach the widest possible audiences these same tactics can also be leveraged to help cybercriminals reach the most victims.

ToastAmigo malware uses new twist to attack Toast overlay vulnerability

A new malware has been uncovered that uses an updated methodology to abuse the previously patched Android Toast overlay vulnerability, which once installed, can download additional malware as well as use various permissions to access the phone.

APT28's latest Word doc attack eliminates needing to enable macros

The threat group APT28/Fancy Bear has is now using a little used technique in Microsoft Office that enables it to executive arbitrary code using a Word document, but without requiring macros being enabled.

UFC Fight Pass sucker punched with Monero cryptominer

UFC's Fight Pass pay-per-view site is the latest high profile victim hit with the silent crypto-currency miner developed by Coinhive.

Marcher banking trojan campaign attacks Austrians' finances three different ways

An attack campaign targeting Android users in Austria has been employing a unique trio of techniques to steal their funds: a credentials phishing web page, malicious banking app overlays, and credit card phishing screens.

Anime enemy: Asian content distributor Crunchyroll blames DNS hijack for malicious redirection

Asian entertainment website is blaming a DNS hijack attack, after site visitors in the early morning of Nov. 4 were redirected to a malicious website designed to infect them with malware.

Researchers find multiple malware families leveraging InPage exploit

An exploit in the InPage word processor program was used as an attack vector by three malware families.

Osama bin Laden's computer files riddled with malware

This news tidbit came out as the CIA made public 470,000 computer files recovered when U.S. Navy SEALS killed bin Laden in a May 2011 raid on his compound in Pakistan.

iXintpwn/YJSNPI distributed in app stores once used to spread ZNIU

App stores that once distributed the rootkit malware used by ZNIU are now distributing a new iXintpwn/YJSNPI Variant.

Man who used botnet to earn college tuition dodges jail time, gets probation

Sean Tiernan is now enrolled in the Stanford CyberSecurity Graduate Program and employed by a cybersecurity company.

QtBot downloader discovered in geo-based Locky-Trickbot campaign

Researchers from Palo Alto Networks have uncovered QtBot, an intermediate-stage downloader that helps to deliver the final payload in geography-based Locky-Trickbot malspam campaigns.

WannaCry, Cerber most used ransomware types, hospitals most hit sector, report

WannaCry and Cerber has totally dominated the ransomware landscape so far this year comprising almost all the attacks that have taken place, while other big names such as Locky were barely a blip on the radar.

Cryptoshuffler trojan diverting bitcoin payments to criminal's pockets

Cryptocurrency mining may be all the rage right now, but some malicious actors are finding it easier to use a specialized trojan that simply steals the money right out of a digital wallet.