Malware News, Articles and Updates

State surveillance tool uses ISP to deliver malware to privacy seekers

Unnamed major internet providers are reported to be the distribution route for the spread of a new variant of government spyware FinFisher (also known as FinSpy) in two countries, targeting people seeking privacy.

Red Alert banking malware steals credentials

A new strain of banking malware is targeting Android users, security researchers have discovered. Red Alert Trojan targets more than 60 banking and social networking apps

Hiding in plain sight - attacks via trusted entry routes such as updates

Sophisticated attackers will subvert trusted suppliers of executable code such as software updates; consequently, Martin Lee says, a sophisticated response is required.

ICYMI: Facebook malware; nude celeb hack; logons key; spambot; CeX hack

In Case You Missed It: Facebook spreads malware; Instagram celeb hack; Logon breach id key; Spambot weaponises 711 m accounts; CeX hacked

Malware - a primer: What is it and what can you do to prevent it?

Virus, worm, keylogger, Trojan, spyware, adware, and ransomware are all forms of malware with a level of distinction between each, but, as Harsh Maurya notes, it might not be apparent to the common, non-tech user.

Hackers rewrite Jimmy Nukebot malware to change its goals and tasks

Jimmy Nukebot malware trojan becomes more modular to increase flexibility and make static analysis much more complicated - shows ability to adapt to the goals and tasks set before a botnet to take advantage of a new source.

ICYMI: infected apps; LinkedIn; NHS breach; GPS spoofing; board training

In Case You Missed It: Dodgy Google Play apps again; LinkedIn hit; NHS database breach; GPS spoofing US Navy?; board training lacking

New malware and adware spreading through Facebook Messenger

Fake messages on Facebook Messenger found to harbour malware.

Mac users under attack as never before - Android ransomware up 138%

In the first half of 2017, incidences of Android malware increased more than five percent since the start of the year. Most notably, incidents of Android ransomware increased 138 percent in Q2.

GPS spoofing could have caused warship crash - US navy investigating

Itay Glick: "The ship could have fallen victim to a GPS spoof or malware. Both USS McCain and USS Fitzgerald were part of the 7th Fleet;... there may be a connection. I don't believe in coincidence."

Researchers find more malware-infested apps on Google Play

Bankbot found in apps uploaded by same author on Google Play, abuses Accessibility Service feature.

Flaw in LinkedIn Messenger could harbour malware

Millions could have been exposed to malware bug in LinkedIn Messenger

'ShadowPad' attack sabotaged NetSarang software with backdoor

Attackers secretly modified at least five software packages distributed by network connectivity and server management solutions provider NetSarang in order to infect its business users with modular backdoor spyware.

Vaccine discovered for Cerber ransomware - based on its own evasion

Hackers' attempts to circumvent anti-ransomware give researchers vital clues to combat the threat of Cerber.

Malicious PowerPoint slide show files deliver REMCOS RAT

Malware distributors are now maliciously crafting PowerPoint Open XML Slide Show (PPSX) files to take advantage of a Microsoft Office vulnerability.

New Windows flaw could allow a WannaCry-like attack if not patched

Network administrators and computer owners are once again being implored to make sure that they have updated Windows to block a WannaCry-like vulnerability.

Spyware found in more than 1,000 apps in Google Play store

Android Apps on the Google Play Store have been discovered to harbour spyware originally created by an Iraqi developer. Surveillance malware records audio and steals data from users.

Ukrainian man helps spread NotPetya to help others avoid paying taxes

Ukrainian police arrested a man earlier this month for helping spread the NotPetya ransomworm through his social media outlets.

Cerber ransomware using Magnitude EK and binary padding

Cerber ransomware delivered in a Magnitude exploit kit (EK) using an interesting technique, Malwarebytes researchers have discovered.

npm removes malicious JavaScript packages caught stealing data

Malware-spiked packages designed to steal environment variables upon installation found and removed by the developers of the JavaScript programming language package manager "npm"

SSL encrypted malware doubles this year, phishing over SSL/TLS up 400%

Increasingly sophisticated malware strains are using SSL to encrypt their activity with malicious SSL-encrypted content more than doubling in the last six months according to a study from Zscaler ThreatLabZ.

Persistent Persian Prince learns from takedowns - now avoids sinkholes

The information stealer, dubbed Foudre, incorporates new anti-takeover techniques in an attempt to avoid having its Command and Control (C2) infrastructure domains sinkholed.

Svpeng mobile banking trojan now a keylogger

Cybercriminals have updated the functionality of the popular Svpeng mobile banking trojan, giving it keylogger capabilities and the ability to access the text input from almost all of a device's apps.

Active Directory botnet establishes C&C inside infected networks

Researchers have developed a potentially devastating new botnet that abuses infected victims' Active Directory Domain Controllers, turning them into internally hosted command and control servers.

ICYMI: Home IoT; £40 bn attack bill; Bupa leak; malware duo; Dow Jones

In Case You Missed It: IoT home vulnerability; Cyber attacks cost £40 bn; Bupa insider data leak; dual malware vectors; Dow Jones data at risk

Lastline says cyber-pros have some gaps in their malware knowledge

Low awareness of some common malware behaviours could decrease the effectiveness of detection and mitigation efforts, according to the company.

Evil twins NemucodAES and Kovter spreading in joint malware campaign

Ransomware teams up with click-fraud malware in double whammy combining NemucodAES and Kovter to hit victims unawares.

SpyDealer Android malware steals data from Facebook, Skype, other apps

Highly sophisticated SpyDealer malware attacks Android operating systems and can exfiltrate data from a range of popular apps.

To Petya or NotPetya: Confusion reigns as industry wonders what to call it

Researchers are quibbling over whether or not this ransomware is Petya as originally reported and, if it isn't, then what is it?