Adware the series, part 4

In this series of posts, we will be using the flowchart below to follow the process of determining which adware we are dealing with. Our objective is to give you an idea of how many different types of adware are around for Windows systems. Though most are classified as PUPs, you will also see the occasional Trojan or rootkit, especially for the … [Read more…]

A week in security (May 22 – May 28)

antispyware

Last week we informed you about several new threats, including the android ransomware that targets Tencent users. This SLocker.fh masquerades as various legitimate apps to fool users into accepting escalated rights. Or how about the potential danger of spilling Windows credentials for Chrome users. All they need you to do is to visit their site. … [Read more…]

A stolen version of DMA-locker is making the rounds

Ransomware has become a popular criminal business with a relatively easy entrance. Even the people with little technical knowledge can build their own ransomware based on open source code, that has been published on the internet some time ago. Nevertheless, cybercriminals keep stealing, not only from victims, but also from each other. Some time ago … [Read more…]

Dridex: A History of Evolution

The Dridex banking Trojan, which has become a major financial cyberthreat in the past years (in 2015, the damage done by the Trojan was estimated at over $40 million), stands apart from other malware because it has continually evolved and become more sophisticated since it made its first appearance in 2011. Dridex has been able … [Read more…]

RoughTed: The anti ad-blocker malvertiser

RoughTed is a large malvertising operation that peaked in March 2017 but has been going on for at least well over a year. It is unique for its considerable scope ranging from scams to exploit kits, targeting a wide array of users via their operating system, browser, and geolocation to deliver the appropriate payload. We estimate … [Read more…]

5 Unsettling cyberthreats

antispyware

Cyberthreats are typically boring, repetitive, and require a reasonably predictable remediation process. A SQL injection is a SQL injection, no matter who’s trying it.  But what about the outliers? What about threats that impact you, but you can’t remediate, or establish a policy to cover? Here are 5 cyberthreats that if you’re not frightened by, … [Read more…]

Stealing Windows credentials using Google Chrome

Security researcher Bosko Stankovic recently published an article explaining how an attacker could use Chrome, the SMB file sharing protocol, and Windows Explorer Shell Command File to steal victims credentials. The basic elements Chrome Similar attacks have been demonstrated using Internet Explorer and Edge, but being able to do this with a (very popular) third … [Read more…]

IT threat evolution Q1 2017. Statistics

Q1 figures According to KSN data, Kaspersky Lab solutions detected and repelled 479,528,279 malicious attacks from online resources located in 190 countries all over the world. 79,209,775 unique URLs were recognized as malicious by web antivirus components. Attempted infections by malware that aims to steal money via online access to bank accounts were registered on … [Read more…]

IT threat evolution Q1 2017

Overview Targeted attacks and malware campaigns More wipers The aim of most targeted attack campaigns is to steal sensitive data. However, this isn’t always the goal. Sometimes attackers erase data instead of – or as well as – trying to gain access to confidential information. We’ve seen several wiper attacks in recent years. They include … [Read more…]

A week in security (May 15 – May 21)

antispyware

Last week was dominated by the WannaCry ransomware and the discussions ensuing it. We published: A quick roundup of everything we found out in the first few days. How did it spread? Was it by email, was it a targeted attack? Or was it just the worm? We found a decryptor that works in some … [Read more…]