Monthly Archives: April 2018

Tens of thousands per Gram

Looking at Instagram one morning, I spotted several posts from some fairly well-known people (in certain circles) who had invested in an ICO held by Telegram. Interesting, I thought to myself. I fancy a piece of that. Only I was …

Posted in Antivirus

Perspectives on Russian hacking

Russia is an endlessly fascinating subject both in and around infosec. Recent years have shifted attention away from pure malware capabilities, to psyops, social engineering, and an endless slew of mind games designed to destabilize and keep nations ever-so-slightly off …

Posted in Antivirus

PBot: a Python-based adware

Recently, we came across a Python-based sample dropped by an exploit kit. Although it arrives under the disguise of a MinerBlocker, it has nothing in common with miners. In fact, it seems to be PBot/PythonBot: a Python-based adware. Apart from …

Posted in Antivirus

Leaking ads

When we use popular apps with good ratings from official app stores we assume they are safe. This is partially true – usually these apps have been developed with security in mind and have been reviewed by the app store’s …

Posted in Antivirus

Magnitude exploit kit switches to GandCrab ransomware

The GandCrab ransomware is reaching far and wide via malspam, social engineering schemes, and exploit kit campaigns. On April 16, we discovered that Magnitude EK, which had been loyal to its own Magniber ransomware, was now being leveraged to push out …

Posted in Antivirus

5 cybersecurity questions retailers must ask to protect their businesses

The Target breach in 2013 may not be the biggest retail breach in history, but for many retailers, it was their watershed moment. Point-of-sale (PoS) terminals were compromised for more than two weeks. 40 million card details and 70 million records …

Posted in Antivirus

Roaming Mantis uses DNS hijacking to infect Android smartphones

In March 2018, Japanese media reported the hijacking of DNS settings on routers located in Japan, redirecting users to malicious IP addresses. The redirection led to the installation of Trojanized applications named facebook.apk and chrome.apk that contained Android Trojan-Banker. According …

Posted in Antivirus

Myspace vs. Facebook: the good old days?

Many people have fond memories of ye olde Myspace dotte comme, and those rose-splashed spectacles seem to have grown ever larger in light of the recent Facebook happenings. In recent days, I’ve seen many declaring their love for all things …

Posted in Antivirus

Week in security (April 09 – April 15)

Last week, we took a look at a malware-campaign called FakeUpdates, methods to use secure instant messaging, the inner workings of a decryption tool, and some Facebook spam campaigns. We also published our first quarterly Malwarebytes Labs CTNT report of …

Posted in Antivirus

Facebook spammers making things worse

Facebook’s having a bad couple of weeks. Between Congressional testimony and new information coming forward about Cambridge Analytica’s use of user data, the tech giant is having problems keeping its users aboard. Unfortunately, misery loves company. We noticed a few Facebook …

Posted in Antivirus