Malware News, Articles and Updates

Nearly a million Minecraft players feel like blockheads after installing fake mod apps

A spate of malicious apps falsely posing as mod programs for the popular world-building game Minecraft were downloaded by users roughly 990,000 times on Google Play before they were reported earlier this month.

Study: Infections of industrial systems common, but few are targeted

Approximately 3,000 unique industrial sites per year are randomly infected with generic malware, while attacks involving malware specifically designed to target industrial control systems are far less common, according to a study.

SC Media Exclusive: Fortinet uncovers malicious Word doc that infects both Windows and macOS machines

Researchers have discovered a malicious Word file that is designed to infect both Windows and macOS operating systems with malware payloads using macros, SC Media has learned after an exclusive first look at a report from Fortinet.

Ask Partner Network compromised second time in two months

Carbon Black researchers spotted a second Ask Partner Network compromise in two months.

Xbox Live, Azure among Microsoft products knocked offline Tuesday

Microsoft and several other cloud-based services experienced outages and limited operations early Tuesday afternoon, according to reports from downdetector.com.

Cybercrime Blotter: Kolypto hacker pleads guilty to his role as Citadel malware co-developer

Russian national Mark Vartanyan pleaded guilty on Monday to one count of computer fraud in relation to his role in co-developing and distributing Citadel malware under the hacker alias Kolypto.

Grabbot returns, new and improved

Fortinet researchers have detected a new botnet that is able to siphon out user data and commandeer user machines.

Spam hitting Germans with personalized messages

A spam campaign that targets recipients with personalized messages is spreading in Germany, similar to a previous scourge there earlier this year and another that spread in the U.K. in April 2016.

FIN7 linked to fileless malware attacks

Researchers spotted the same group that launched spearphishing campaigns targeting SEC filings using fileless malware.

Microsoft: Malicious NSIS installers used to disperse ransomware evolve and grow in number

Ransomware distributors are evolving their technique for using NSIS installers to package and execute malicious software such as Cerber and Locky, according to a new report from Microsoft.

Report: Cloud-based spyware NexusLogger sold in guise of 'parental monitoring tool'

A new cloud-based keylogger has hit the market, resulting in a small number of cybercriminals attempting to infect businesses and collect keystrokes, system information, stored passwords, screenshots, and game credentials.

Windows to end Vista support in April 2017

Microsoft announced that it will be ending support for Windows Vista next month.

MajikPOS works its dastardly PoS malware magic

Researchers at Trend Micro have been examining MajikPOS, a new PoS malware that has been spreading across North America and Canada.

Zscaler reveals risk of SSL based threats, warns of new security priority

More than half of the internet traffic is already HTTPS encrypted for the sake of higher security. However, the encrypted traffic is used by cyber-criminals as well to hide their malicious activities from detection.

Symantec finds fake AV being distributed using HSBC phishing emails

Fake HSBC emails are being spread, asking users to install a malicious version of Rapport, a legitimate security program designed to protect online bank accounts from fraud.

Android Devices pre-loaded with malware signal fault in supply chain

Check Point has discovered dozens of Android devices that were received with malware preloaded onto them which were possibly infected on their way through the Android supply chain.

Malware found pre-installed on some Android devices

More than three dozen Android devices have been found to contain 21 different types of malware, including Loki, that came pre-installed on the phone read-only memory (ROM).

Researchers warn augmented mobile and open source = malware opportunity

ESET researchers warn that augmented mobile applications plus open source platforms like Google's open could be a recipe for clever malware to come.

Instagram users targeted with malicious apps, ESET

A group of malicious apps that steal credentials have been detected on Google Play, according to a post on ESET's We Live Security site.

Skimmer adware spent two months in Google Play

Check Point researchers spotted malware, dubbed Skimmer, in the Google Play store that uses unique and innovative tactics to evade detection.

Cylance says RawPOS is back with a fresh new signature, not much else

The California-based security firm has published an analysis which claims not much effort has been put into the new variant, and as a result it was a doddle to catch.

StoneDrill advanced wiper malware discovered in the wild

In the wake of the Shamoon malware attacks, a new wiper targets the Middle East and shows interest in European targets.

FIN7 spearphishing campaign targets SEC filings

FireEye researchers spotted a spear phishing campaign targeting United States Securities and Exchange Commission (SEC) filings.

Version of Facebook Lite app weighed down by Spy FakePlay mobile malware

A version of the social media mobile app Facebook Lite, most likely available via third-party sites in China, was found infected with malware that can steal personal information, Malwarebytes reported on Monday.

Encryption Key-stone state: Pennsylvania Senate Democratic Caucus struck by ransomware

The Pennsylvania Senate Democratic Caucus has been attacked by ransomware, locking officials with the state organization out of their computers and rendering the group's website unavailable since Friday.

Proton RAT malware not a positive development for Mac users

Questions continue to swirl around a mysterious Mac-based remote-access trojan (RAT) malware program called Proton, which Apple addressed in a recent update to its anti-malware program XProtect.

Microsoft tech support scam leverages full-screen mode to trick victims

A new tech support scam website leverages deceptive visual elements to trick victims into thinking they have been redirected to a legitimate Microsoft support website, even though they actually never left the scam page.