Monthly Archives: April 2017

Use of DNS Tunneling for C&C Communications

– Say my name. – 127.0.0.1! – You are goddamn right. Network communication is a key function for any malicious program. Yes, there are exceptions, such as cryptors and ransomware Trojans that can do their job just fine without using …

Posted in Antivirus

New OSX.Dok malware intercepts web traffic

Most Mac malware tends to be unsophisticated. Although it has some rather unpolished and awkward aspects, a new piece of Mac malware, dubbed OSX.Dok, breaks out of that typical mold. OSX.Dok, which was discovered by Check Point, uses sophisticated means …

Posted in Antivirus

APT Trends report, Q1 2017

Kaspersky Lab is currently tracking more than a hundred threat actors and sophisticated malicious operations targeting commercial and government organizations in over 80 countries. During the first quarter of 2017, there were 33 private reports released to subscribers of our …

Posted in Antivirus

System optimizers turning to Tech Support Scams

A new trend, which was also pointed out in our Q1 cybercrime report, is the combination of PUPs and Tech Support Scams. Most of these PUPs are so-called system optimizers. This is worrying as the damage done by PUPs was …

Posted in Antivirus

A story of fonts by the EITest HoeflerText campaign

One of the most common malware campaigns from compromised websites is known as EITest and has traditionally been redirecting victims towards exploit kits. But it also has an alternate payload for browsers other than Internet Explorer, specifically for Google Chrome, where …

Posted in Antivirus

Adware the series, part 1

In this series, we will be using the flowchart below to follow the process of determining which adware we are dealing with. Our objective is to give you an idea of how many different types of adware are around for …

Posted in Antivirus

Terror EK going ‘pro’? Not quite yet

Since our last post on Terror EK, we haven’t really seen much activity from this exploit kit. However, in recent days it popped back up again with a slightly new format. One thing that seemed consistent with Terror EK was …

Posted in Antivirus

Hajime, the mysterious evolving botnet

Introduction Hajime (meaning ‘beginning’ in Japanese) is an IoT worm that was first mentioned on 16 October 2016 in a public report by RapidityNetworks. One month later we saw the first samples being uploaded from Spain to VT. This worm …

Posted in Antivirus

iCloud support scams

iCloud is an increasingly large target for scams of all kinds. It’s a common target for scams involving phishing e-mails. The goal of such scams is to get you to click a link that takes you to a fake iCloud …

Posted in Antivirus

Do I have Malwarebytes or a Tech Support Scam?

A lot of companies don’t make clear who their tech support is, what their relationship to that group is, and what the difference is between ‘licensed’, ‘authorized’, ‘partner’, ‘reseller’, and ‘actually an employee, we swear.’ You might call up a …

Posted in Antivirus