Monthly Archives: October 2016

Promoted Tweet leads to credit card phishing

There’s been a bit of an issue with promoted Tweets on Twitter in the last few days – well, one specific promoted Tweet at any rate – in the form of a rogue phish asking for login credentials and payment …

Posted in Antivirus

Get your RAT on Pastebin

While it is not uncommon to find malware or code on Pastebin, it is a surprise to find a dropper that downloads the payload from Pastebin on the fly. The payload has turned out to be a RAT with keylogger …

Posted in Antivirus

Inside the Gootkit C&C server

The Gootkit bot is one of those types of malicious program that rarely attracts much attention from researchers. The reason is its limited propagation and a lack of distinguishing features. There are some early instances, including on Securelist (here and …

Posted in Antivirus

UK WhatsApp users warned of latest in-the-wild scam

Users of WhatsApp, that popular texting service application for mobile devices, are warned of a new scam making rounds that may have started late last week. Below is a sample of what users are receiving: @sainsburys got this on whatsapp, …

Posted in Antivirus

Attribution, and when you should care: Part 1

It’s not China. Unless it is. Or maybe it’s a 400 lb hacker in their basement. Unlikely. Who can tell who does anything on the Internet and why do we care anyway? Attribution is the practice of taking forensic artifacts …

Posted in Antivirus

Debunking the hacker stereotype: Who are the real monsters?

Let’s try a quick exercise. Close your eyes. When you hear the word “hacker,” what do you think about? A socially awkward Dennis Nedry type, chugging energy drinks while compiling code rapid fire at his garbage-strewn desk? A faceless, shadowy …

Posted in Antivirus

The “notification” ransomware lands in Brazil

It’s unusual for a day to go by without finding some new variant of a known ransomware, or, what is even more interesting, a completely new one. Unlike the previously reported and now decrypted Xpan ransomware, this same-but-different threat from …

Posted in Antivirus

Scamming as a service – seriously

Over the years we’ve done analysis on tech support scammers to include their tactics, infrastructure, front companies, payment mechanisms, and even how they hire. But one question that comes up frequently from security researchers is how a group of criminals, …

Posted in Antivirus

Trick Bot – Dyreza’s successor

Recently, our analyst Jérôme Segura captured an interesting payload in the wild. It turned out to be a new bot, that, at the moment of the analysis, hadn’t been described yet. According to strings found inside the code, the authors named …

Posted in Antivirus

The Day the Internet Died

Okay, so I admit the title is a bit misleading and alarmist, but lots of folks will agree this was a bad day to try and use the internet. This is because today there was a massive DDoS attack that …

Posted in Antivirus