Malware News, Articles and Updates

ICYMI: Home IoT; £40 bn attack bill; Bupa leak; malware duo; Dow Jones

In Case You Missed It: IoT home vulnerability; Cyber attacks cost £40 bn; Bupa insider data leak; dual malware vectors; Dow Jones data at risk

Lastline says cyber-pros have some gaps in their malware knowledge

Low awareness of some common malware behaviours could decrease the effectiveness of detection and mitigation efforts, according to the company.

Evil twins NemucodAES and Kovter spreading in joint malware campaign

Ransomware teams up with click-fraud malware in a double whammy combining NemucodAES and Kovter to hit victims unawares.

SpyDealer Android malware steals data from Facebook, Skype, other apps

Highly sophisticated SpyDealer malware attacks Android operating systems and can exfiltrate data from a range of popular apps.

To Petya or NotPetya: Confusion reigns as industry wonders what to call it

Researchers are quibbling over whether or not this ransomware is Petya as originally reported, and if it isn't, then what is it?

NotPetya: Researchers find 'kill switch', then clash over naming

Researchers claim to have found a 'killswitch' for NotPetya, but there seems to be disagreement over what to call it.

White hats share insights on modern attack campaign strategies

New findings from 451 Research reveal real-world insights into modern attack campaign strategies, planning and execution.

Adgholas malvertising group linked to UCL Trojan ransomware attack

Hackers used the Astrum exploit kit to deliver Mole ransomware in the University College London malware attack, according to research by Proofpoint.

Malware piggybacks on IoT devices from Vietnam and Taiwan - Kaspersky

In Vietnam and Taiwan, malware is being mass produced alongside cheap web cameras, DVRs and other IoT devices, according to a report from Kaspersky Lab.

Europol arrests counter anti-virus, malware crypter services customers

Six customers of a malware crypter service were arrested throughout Europe Tuesday following a year-long initiative called Operation Neuland, Europol said in a release.

More than 800 Google Play Android apps spotted with Xavier Trojan SDK

Trend Micro researchers spotted more than 800 Android applications available on the Google Play Store embedded with the software development kit (SDK) of the information-stealing ad library dubbed "Xavier."

Mac OS hit by free malware-as-a-service

Cyber-criminals once again upped the ante with what is advertised as the "most sophisticated Mac spyware ever".

Security must address ICT staff efficiency

Jason Steer explains ICT department efficiency - How does a fresh approach to cyber-security enable better efficiency from the ICT staff who are overwhelmed with the current security situation?

Researchers show how WannaCry can be ported to infect Windows 10

Security researchers show how the latest Microsoft operating system could have been infected by ransomware.

Global Fireball adware epidemic infects nine percent of UK networks

More than nine percent of corporate networks in the UK are infected with Fireball, an adware package that has infected 250 million computers worldwide, say Check Point researchers.

Stolen DMA Locker variant pwning Remote Desktop uses known private key

Pirated malware was built on a stolen version of DMA Locker, which uses the same key and graphical user interface as the cracked version.

Mobile malware poses as Android apps with up to 36.5M downloads

A pair of campaigns designed to spread ad fraud malware through supposedly innocuous Android applications generated between 8.5 million and 36.5 million downloads before Google removed the apps from its online store, Check Point Software Technologies has reported.

Lazarus pegged as being behind recent SWIFT attacks

The on-going whodunnit regarding cyber-attacks on European financial firms through the SWIFT bank messaging services now has the Russian cyber-security firm Group IB alleging North Korea, through the Lazarus group, is behind the attacks.

Hackers upgrading malware to 64-bit code to evade detection

Detecting 64-bit malware is more difficult than signature scanning for 32-bit malware, and despite a slow start cyber-criminals are starting to update their tools.

Over half a billion domains infected by RoughTed malvertising campaign

While it peaked in March 2017, the scourge has been rolling out for more than a year with a dark cornucopia encompassing scams and exploit kits that go after a broad range of targets using their operating system, browser and geolocation to inject the appropriate payload, Segura wrote.

Researchers spot enhancements on Qakbot malware to infect new systems

Cylance researchers spotted enhancements on the Qakbot malware that let it infect new systems and lock out administrators.

The incredible story of third-party script dangers - & how to stop them

Hadar Blutrich discusses some of the common ways of handling malware distribution through ads and suggests 'next generation sandboxes' around websites might be able to reduce some of these risks.

Terror exploit kit evolving into greater danger - drops multiple exploits

New exploit kit taking the place of Angler and others as it rapidly evolves to target its victims.

Slammer worms its way to top of most wanted malware list

Enterprises are increasingly being hit with exploit kits, especially Rig EK, and the Slammer worm has resurfaced, according to Check Point's latest monthly Global Threat Impact Index.

Iranian 'OilRig' expands attacks, works with Russian hackers-for-hire

Attacks believed to be Iranian in origin were fended off for more than two weeks in April, but security experts examining the code detected snippets of code from an underground Russian marketplace.

Cookie monster: malware steals cookies and hijacks WordPress sessions

Sucuri researchers recently observed a malware attack that injected obfuscated code into a JavaScript file in order to steal web users' cookies and hijack their WordPress sessions.

Malware statistics reveal variations in malware infections world-wide

If you live in Manchester, Orlando, Ottawa or Lisbon, you might want to ask why your cities are getting slammed the worst by malware, according to statistics from an anti-malware company.

New IoT bot Persirai ensnaring IP cameras

Apparently emanating from Iran, Persirai has been detected by researchers at Trend Micro linking more than 1,000 internet protocol (IP) camera models into a vast Internet of Things (IoT) botnet.

Netrepser malware steals from undisclosed government agencies

A new targeted attack built with readily available software tools has been named Netrepser by researchers at Bitdefender who discovered the attacker.

Trio of downloaders used in recent Blackmoon banking Trojan campaign

Two recent cyber-theft campaigns targeting South Koreans employed a three-stage downloader framework that installed the Blackmoon banking Trojan on geo-targeted machines, according to a report Thursday from Fidelis.