What’s in the spam mailbox this week?

We’ve seen a fair few spam emails in circulation this week, ranging from phishing to money muling to sexploitation. Shall we take a look? The FBI wants to give you back your money: First out of the gate, we have a missive claiming to be from the FBI. Turns out you lost a huge sum … [Read more…]

A week in security (July 23 – July 29)

Last week on Labs, we looked at an adware called MobiDash getting stealthy, a new strain of Mac malware called Proton that was found after two years, and the ‘Hidden Bee’ miner that was delivered via an improved drive-by download toolkit. We also delved into the security improvements expected in the new Android P, and had a fresh look at Trojans to help users … [Read more…]

New Android P includes several security improvements

According to the Android developer Program Overview, the next major version of Android, Android 9.0 or P, is set to arrive soon. Their plans show a final release within the next three months (Q3 2018). The end of the Android P beta program is approaching, with the first release candidate built and released in July. As … [Read more…]

A mining multitool

Recently, an interesting miner implementation appeared on Kaspersky Lab’s radar. The malware, which we dubbed PowerGhost, is capable of stealthily establishing itself in a system and spreading across large corporate networks infecting both workstations and servers. This type of hidden consolidation is typical of miners: the more machines that get infected and the longer they … [Read more…]

‘Hidden Bee’ miner delivered via improved drive-by download toolkit

This blog post was authored by @hasherezade and Jérôme Segura. We recently detected a drive-by download attempt trying to exploit CVE-2018-4878, a vulnerability in Flash Player, in a sequence that was not matching any of the exploit kit patterns that we currently track. Upon investigation, we discovered something that was new to us, but is part of … [Read more…]

Introducing: Malwarebytes Browser Extension

Are you tired of all the unwanted content the world wide web offers up, whether you like it or not? It is our privilege to introduce you to the Malwarebytes Browser Extension (BETA). Or, better said, the Malwarebytes Browser Extensions, because we have one for Firefox and one for Chrome. Introduction: Malwarebytes Browser Extension delivers … [Read more…]

A study of car sharing apps

The growing popularity of car sharing services has led some experts to predict an end to private car ownership in big cities. The statistics appear to back up this claim: for example, in 2017 Moscow saw the car sharing fleet, the number of active users and the number of trips they made almost double. This … [Read more…]

Trojans: What’s the real deal?

The fictional Greeks hiding in their legendary Trojan horse would probably be excited to learn that the default Wiki page for Trojan is, in fact, their big wooden horse thingy (vs. computer infections or dubious businesses). Sorry, fictional ancient Greek warriors. It’s not that we don’t think you’re a big deal—that film with Brad Pitt … [Read more…]

DDoS attacks in Q2 2018

News overview: Q2 2018 news includes: non-standard use of old vulnerabilities, new botnets, the cutthroat world of cryptocurrencies, a high-profile DDoS attack (or not) with a political subtext, the slashdot effect, some half-baked attempts at activism, and a handful of arrests. But first things first. Knowing what we know about the devastating consequences of DDoS attacks, … [Read more…]

New strain of Mac malware Proton found after two years

Last week, Kaspersky reported on a new variant of the Mac malware Proton, which they have dubbed Calisto, that has been around for at least two years. Calisto is thoroughly dead at this point, but there are still potential security implications involved with these older infections. Proton was first revealed to the world back in … [Read more…]