Malware News, Articles and Updates

Researchers spot enhancements on Qakbot malware to infect new systems

Cylance researchers spotted enhancements on the Qakbot malware that let it infect new systems and lock out administrators.

The incredible story of third-party script dangers - & how to stop them

Hadar Blutrich discusses some of the common ways of handling malware distribution through ads and suggests 'next generation sandboxes' around websites might be able to reduce these risks.

Terror exploit kit evolving into greater danger - drops multiple exploits

New exploit kit taking the place of Angler and others as it rapidly evolves to target its victims.

Slammer worms its way to top of most wanted malware list

Enterprises are increasingly being hit with exploit kits, especially Rig EK, and the Slammer worm has resurfaced, according to Check Point's latest monthly Global Threat Impact Index.

Iranian 'OilRig' expands attacks, works with Russian hackers-for-hire

Attacks believed to be Iranian in origin were fended off for more than two weeks in April, but security experts examining the code detected snippets of code from an underground Russian marketplace.

Cookie monster: malware steals cookies and hijacks WordPress sessions

Sucuri researchers recently observed a malware attack that injected obfuscated code into a JavaScript file in order to steal web users' cookies and hijack their WordPress sessions.

Malware statistics reveal variations in malware infections world-wide

If you live in Manchester, Orlando, Ottawa or Lisbon, you might want to ask why your cities are getting slammed the worst by malware, according to statistics from an anti-malware company.

New IoT bot Persirai ensnaring IP cameras

Apparently emanating from Iran, Persirai has been detected by researchers at Trend Micro linking more than 1,000 internet protocol (IP) camera models into a vast Internet of Things (IoT) botnet.

Netrepser malware steals from undisclosed government agencies

A new targeted attack built with readily available software tools has been named Netrepser by researchers at Bitdefender who discovered the attacker.

Trio of downloaders used in recent Blackmoon banking Trojan campaign

Two recent cyber-theft campaigns targeting South Koreans employed a three-stage downloader framework that installed the Blackmoon banking Trojan on geo-targeted machines, according to a report Thursday from Fidelis.

Under-the-radar KONNI malware campaign found targeting North Korea

A newly discovered malware family is believed to have been in use for more than three years to target officials and organisations with ties to North Korea.

New 'Dok' dropper variant found delivering Mac malware

A Malwarebytes researcher on Monday discovered a new variant of the "Dokument.app" dropper that was recently found delivering OSX/Dok Mac malware capable of intercepting infected machines' HTTPS communications.

Hackers cyber-squat hundreds of UK bank domains to trick web users

DomainTools discovers more than 300 fake websites fooling customers into thinking they're clicking on top UK bank websites.

OSX malware uses stolen certs and reads HTTPS traffic

Mac users beware as researchers have found yet another reason to rattle the false sense of security some may have concerning Macs and viruses.

Hajime malware now has 300,000 strong botnet at disposal say researchers

The Hajime malware has recruited 300,000 IoT devices to its botnet, but researchers are still baffled as to what the botnet's purpose may be.

Multiple groups likely collaborating on Shamoon

Multiple hacker groups may be collaborating on behalf of a nation-state actor, according to a new report.

Mysterious Felismus RAT poses powerful threat

Forcepoint Lab researchers spotted a remote access trojan (RAT) dubbed Felismus which has a modular construction that allows it to hide and/or extend its capabilities.

JavaScript spam campaigns on the loose

More than 10,000 instances of malicious JavaScript payloads have been detected in the past two weeks.

Titanium Stresser DDoS malware creator Alan Mudd sentenced to two years

Alan Mudd was sentenced to two years in a young offender's institution by a UK court for creating, selling and using Distributed Denial of Service malware.

Met Police officer buys malware that monitors messages, calls and more

A London police officer has purchased malware for mobile phones and computers that can intercept calls, emails and more.

Asian Interpol operation finds nearly 270 compromised websites

Authorities from seven Southeast Asian nations recently collaborated on an operation that exposed regional threats including malware, ransomware, DDoS attacks, and spam campaigns.

IoT botnets Mirai and Hajime forming a monster rivalry

The Mirai malware that has created massive botnets out of hijacked Internet of Things devices has met a formidable opponent in Hajime, a rival IoT worm whose intent may be to declaw Mirai.

Cylance disputes accusations that it provided fake malware samples

Cylance said it didn't intentionally mislead customers in an attempt to skew the performance of Protect over its competitors.

Union Bank of India cyber-attacked similar to Bangladesh heist

Hackers launched an attack against Union Bank of India that was very similar to the Bangladesh bank heist that resulted in the theft of $81 million.

Hackers compromise third-party vendor Amazon accounts

The threat actors have reportedly changed the bank-deposit information on the compromised accounts to steal thousands from the users.

Unsecure IoT devices attacked and destroyed by BrickerBot malware

The initial attacks began on 20 March when BrickerBot 1.0 and 2.0 began pinging a Radware honeypot, Radware said in a security alert.

WordPress hit with torrent attacks and malicious JavaScript

Dubbed Sathurbot, the Trojan is disguised in a software torrent containing an apparent installer executable and a small text file.

Amnesia botnet targeting DVRs

The Amnesia botnet looks for an unpatched remote code execution vulnerability affecting DVR appliances.

ROKRAT using Twitter, other social media as command and control link

Security researchers at Cisco Talos explain how the ROKRAT malware is leveraging social media to hide its C&C communications in plain sight.