Malware News, Articles and Updates

FTC finds thieves attempt to use stolen data within 9 min of breach

In an effort to see what happens after a data breach, the Federal Trade Commission leaked a database of 100 fake customers.

Never gonna live this down: Researchers 'Rickrolled' by malware

Researchers at Trend Micro found themselves the victims of a "Rickrolling" while analyzing a malware program that triggered multiple rules-based security alerts, most likely deliberately.

LNK files again being used to deliver malicious PowerShell script

Cybercriminals have brought back an older attack vector using LNK files to execute PowerShell scripts to download malware.

RoughTed malvertising campaign bypassing ad blockers

With more than a half billion domains infected by the RoughTed malvertising operation, its effectiveness only continues to escalate.

XData ransomware uptick spotted in wake of WannaCry

ESET researchers spotted XData ransomware making rounds a week after the global WannaCryptor scare.

Cylance spots Qakbot malware updates to target more systems

Cylance researchers spotted enhancements on the Qakbot malware that enable it to infect new systems and lock out administrators.

Forgotten Conficker worm resurfaces to infect systems with WannaCry

Conficker malware dating back to 2008 was leveraged by ransomware masterminds to help infect machines with WannaCry.

Victory Cry? Decryptors solve WannaCry, but only under key conditions

French security researchers have released a pair of decryption tools for WanaCrypt0r ransomware that can salvage infected victims' files under specific circumstances.

Terror Exploit Kit ditches carpet bombing techniques; attacks now more surgical

The Terror Exploit Kit is rapidly evolving, no longer bombarding victims with multiple exploits in scattershot fashion, but rather applying only the hacking tools that work best against a specific compromised machine.

Worth it? Android users make $0.05 profit infecting themselves with Ztorg trojan

A malware operation reportedly has been tricking millions of Android device owners into infecting themselves with the Ztorg rootkit trojan by enticing them with offers from ad networks and apps that pay users for installing content.

Unraveling mobile banking malware, Check Point

Banking malware targeting mobile users requires little tech know-how to develop and operate, so it stands as a recurrent battle for security professionals.

Russian code used in Iranian campaign

It appears that there's a Russian connection to a new Iran-based attack.

OceanLotus APT acting in accordance with Vietnamese interests, researchers report

An APT group whose actions appear to align with Vietnamese state interests has been actively compromising private corporations and targeting foreign governments, dissidents and media since at least 2014, according to researchers at FireEye.

All cried out? WannaCry ransomware victims strive to recover as researchers dig into attack

As the world returned to work on Monday, businesses continued to pick up the pieces following a historic cyberattack that crippled Windows machines across the globe with WanaCrypt0r 2.0 ransomware.

BAIJIU malware abused Japanese web hosting service

Cylance researchers spotted a phishing campaign dubbed "BAIJIU" looking to capitalize on those curious about the hermit kingdom of North Korea.

New Jaff ransomware makes bold entrance via Necurs spam campaign

Jaff, a new ransomware threat with possible ties to Locky, burst onto the scene on Thursday, flooding networks with high-volume email spam campaigns via the Necurs botnet and demanding well over $3,000 in extortion money to free victims' encrypted files.

Researchers observe 'aggressive' spam campaign selling Philadelphia ransomware

The distributor of the ransomware-as-a-service product known as "Philadelphia" reportedly executed an aggressive spam campaign on the Jabber messaging platform last month, enticing would-be cybercriminals to purchase its crimeware.

Cyberattacks are becoming more 'made to order' for chosen victims

Whilst examining cybersecurity attacks and methods from the first part of 2017, researchers at PandaLabs found cyber-attacks are more complex than ever before.

Cookie monster: Researchers detect malware that steals cookies, hijacks WordPress sessions

Sucuri researchers recently observed a malware attack that injected obfuscated code into a JavaScript file in order to steal web users' cookies and hijack their WordPress sessions.

Fancy Bear uses 'Trump's attack on Syria' phish in French election to drop Seduploader

The Sednit group (aka Fancy Bear, APT28, Sofacy) were reportedly the culprits behind a phishing email campaign leading up to the presidential election in France.

New IoT bot Persirai ensnaring IP cameras

Apparently emanating from Iran, Persirai has been detected by researchers at Trend Micro linking more than 1,000 internet protocol (IP) camera models into a vast Internet of Things (IoT) botnet.

Android 'O' will reportedly fix dangerous permissions flaw exposing users to attacks

A flaw in Google Android's security mechanisms reportedly exposes users to ransomware, banking malware and adware attacks, but Google is apparently addressing the issue in its upcoming version of the OS, Android O.

Attackers sabotage HandBrake's download for Macs to deliver Proton RAT

The developers of HandBrake have advised Mac-based users that they may be infected with a backdoor after an unknown attacker replaced a HandBrake software installation package with a variant of the Proton RAT malware.

Bondnet 007.01 botnet seizes servers to farm cryptocurrency

The sky may have fallen causing agents and servers across the globe to go rogue as the Bondnet 007.01 botnet army seizes victims to do its bidding.