Malware

Verified Twitter accounts tend to be a little more secure than those belonging to non-verified users due to the amount of extra hoop jumping required to get one of those ticks in the first place. A number of security requirements, including providing a phone number and setting up 2FA, are…


Comments on the Malwarebytes labs blog can be well written, valuable additions to our published work, and sometimes provide additional data that we missed. These are not those. Today we’re looking at some comments we got from spammers who apparently don’t look too closely at which site they’re at before…


This malware spam is unusual in many respects. The payload may be some sort of ransomware. From: The Insolvency Service [mailto:service@chucktowncheckin.com] Sent: 19 January 2017 12:22 Subject: EGY 318NHAR12 – Investigations Inquiry Notification Company Investigations Inquiry Informing You that we have received appeal regarding your company which indicates corporate misconduct. Your Inquiry Number:…


The first Mac malware of 2017 was brought to my attention by an IT admin, who spotted some strange outgoing network traffic from a particular Mac. This led to the discovery of a piece of malware unlike anything I’ve seen before, which appears to have actually been in existence, undetected, for some…


Spora spreads via USB drives like Gamarue and Dinihou aka Jenxcus whilst also encrypting files. The sophistication of this threat could easily make it the new Locky. We discuss its infection and encryption procedure and show how it uses statistical values about encrypted files to calculate the ransom amount. Source:…


Last week, we talked about what Windows environmental variables are, more phishy sponsored tweets in the wild, and—if you haven’t actually considered this already—how to take selfies in a safe manner that doesn’t compromise your security and/or privacy. We also took a deep dive into a post-holiday spam campaign, which…



Cyber attacks involving zero-day exploits happen from time to time, affecting different platforms and applications. Over the years, Microsoft security teams have been working extremely hard to address these attacks. While delivering innovative solutions like Windows Defender Application Guard, which provides a safe virtualized layer for the Microsoft Edge browser,…


This malware came in a phishing e-mail – disguised as a Bitcoin wallet. After clicking the link, the user receives a JAR file: wallet.aes.json.jar. Analyzed sample: 851bc674d181910870fbba24763d5348 – the dropped sample (wallet.aes.json.jar); 2eb123e43971eb2eaf437eaeffeeed8e – stage 2; 24840e382da8d1709647ee18e33b63f9 – stage 3 (core). Behavioral analysis: After being deployed, the malware runs silently. If…


Ignore the banner image of the man taking a likely ill-advised selfie in the front of his car for now, because there’s fresh trouble brewing in photo filter land. If you’re going to take selfies – and let’s face it, you probably will – it seems the latest “don’t do…
