Monthly Archives: June 2017

EternalPetya – yet another stolen piece in the package?

Since June 27th we have been investigating the outbreak of the new Petya-like malware armed with an infector similar to WannaCry. Since day one, various contradicting theories started popping up. Some believed that this malware is a rip-off of the original Petya, while … Continue reading

Posted in Antivirus | Comments Off on EternalPetya – yet another stolen piece in the package?

EternalPetya and the lost Salsa20 key

We have recently been facing a huge outbreak of the new version of Petya-like malware armed with a infector in WannaCry-style. The research is still in progress, and the full report will be published soon. In this post we will focus … Continue reading

Posted in Antivirus | Comments Off on EternalPetya and the lost Salsa20 key

ExPetr/Petya/NotPetya is a Wiper, Not Ransomware

After an analysis of the encryption routine of the malware used in the Petya/ExPetr attacks, we have thought that the threat actor cannot decrypt victims’ disk, even if a payment was made. This supports the theory that this malware campaign … Continue reading

Posted in Antivirus | Comments Off on ExPetr/Petya/NotPetya is a Wiper, Not Ransomware

Solution Corner: Malwarebytes Endpoint Protection

We’ve been busy here at Malwarebytes with several product announcements recently. Malwarebytes Incident Response was released in late April, providing threat detection and remediation via our new cloud-based platform. Right on its heels, leveraging the same platform is Malwarebytes Endpoint … Continue reading

Posted in Antivirus | Comments Off on Solution Corner: Malwarebytes Endpoint Protection

Adware the series, part 6

In this series of posts, we will be using the flowchart below to follow the process of determining which adware we are dealing with. Our objective is to give you an idea of how many different types of adware are around for … Continue reading

Posted in Antivirus | Comments Off on Adware the series, part 6

Schroedinger’s Pet(ya)

Earlier today (June 27th), we received reports about a new wave of ransomware attacks spreading around the world, primarily targeting businesses in Ukraine, Russia and Western Europe. If you were one of the unfortunate victims, this screen might look familiar: … Continue reading

Posted in Antivirus | Comments Off on Schroedinger’s Pet(ya)

Neutrino modification for POS-terminals

From time to time authors of effective and long-lived Trojans and viruses create new modifications and forks of them, like any other software authors. One of the brightest examples amongst them is Zeus (Trojan-Spy.Win32.Zbot, based on classification of “Kaspersky Lab”), … Continue reading

Posted in Antivirus | Comments Off on Neutrino modification for POS-terminals

Petya-esque ransomware is spreading across the world

Ringing with echoes of WannaCry, a new strain of ransomware called Petya (or Petrwrap, or NotPetya) is impacting users around the world, shutting down firms in Ukraine, Britain, and Spain. Background Petya, created in July 2016, started off as one of the … Continue reading

Posted in Antivirus | Comments Off on Petya-esque ransomware is spreading across the world

The smart, alert, strong, kind, and brave way to internet awesome

Mom and Dad, do you know when to start talking to your kids about internet safety? Google’s new Be Internet Awesome program might just be the perfect topic to start off that conversation. Launched this National Internet Safety Month, Be … Continue reading

Posted in Antivirus | Comments Off on The smart, alert, strong, kind, and brave way to internet awesome

KSN Report: Ransomware in 2016-2017

This report has been prepared using depersonalized data processed by Kaspersky Security Network (KSN). The metrics are based on the number of distinct users of Kaspersky Lab products with the KSN feature enabled, who encountered ransomware at least once in … Continue reading

Posted in Antivirus | Comments Off on KSN Report: Ransomware in 2016-2017