Monthly Archives: May 2018

A conversation with America Geeks

Thanks to NeeP for contributing significant research. You can check out NeeP’s YouTube channel here. Malwarebytes has written quite a bit about tech support scammers, typically focusing on new scam techniques as they arise with new threat actor groups. But … Continue reading

Posted in Antivirus | Comments Off on A conversation with America Geeks

Instagram story spam claims free Apple Watch

I have to admit, I’m not 100 percent sure who Elton Castee is. “Who’s that?” you ask? Digging around revealed that he’s big on YouTube, has done some films, and raises money for dogs, which is very cool. He’s also … Continue reading


Researchers discover vulnerabilities in smart assistants’ voice commands

Virtual personal assistants (VPA), also known as smart assistants like Amazon’s Alexa and Google’s Assistant, are in the spotlight for vulnerabilities to attack. Take, for example, that incident about an Oregon couple’s Echo smart speaker inadvertently recording their conversation and sending … Continue reading


Trojan watch

We continue to research how proliferation of IoT devices affects the daily lives of users and their information security. In our previous study, we touched upon ways of intercepting authentication data using single-board microcomputers. This time, we turned our attention … Continue reading


Two major Canadian banks hacked and blackmailed

While the US was celebrating Memorial Day on Monday, Canada was dealing with an unusual and major data breach affecting two popular financial institutions: Simplii Financial and the Bank of Montreal (BMO). The CBC broke the story and updated it … Continue reading


SEO poisoning: Is it worth it?

Search Engine Optimization (SEO) poisoning basically comes down to getting your web page high in the rankings for relevant search results without buying advertisements or using legitimate, but tedious, SEO best practices. Instead, threat actors use illegal means to push … Continue reading


2018 Fraud World Cup

There are only two weeks to go before the start of the massive soccer event — FIFA World Cup. This championship has already attracted the attention of millions worldwide, including a fair few cybercriminals. Long before kick-off, email accounts began … Continue reading


A week in security (May 21 – May 27)

Last week we told you about a Mac cryptominer using XMRig, an overview of Dreamcast related scams, part 1 of decoding Emotet, and what to do about bad coding habits that die hard. We also published the results of our … Continue reading


Malware analysis: decoding Emotet, part 1

Emotet Banking Trojan malware has been around for quite some time now. As such, infosec researchers have made several attempts to develop tools to de-obfuscate and even decrypt the AES-encrypted code belonging to this malware. The problem with these tools … Continue reading


VPNFilter EXIF to C2 mechanism analysed

On May 23 2018, our colleagues from Cisco Talos published their excellent analysis of VPNFilter, an IoT / router malware which exhibits some worrying characteristics. Some of the things which stand out about VPNFilter are: It has a redundant, multi-stage … Continue reading
