Category Archives: Antivirus

New Mac Malware-as-a-Service offerings

A couple weeks ago, two new Malware-as-a-Service (MaaS) offerings for the Mac became available. These two offerings – a backdoor named MacSpy and a ransomware app named MacRansom – were discovered by Catalin Cimpanu of Bleeping Computer on May 25. Cimpanu evidently …

Cheers to a successful time at Infosec Europe 2017

With over 350 exhibitors, well over 10,000 visitors, and many widely respected speakers, Infosec Europe is one of Europe’s biggest security events. The Malwarebytes stand attracted a lot of interested people, even without our robot Zero, who had obligations elsewhere. …

The numeric Tech Support Scam campaign

There are many different tech support scam (TSS) campaigns active at any given moment; the majority of them are fueled by malicious adverts (the browser lockers), or bundled software (the screen lockers). Something interesting happened recently, where legitimate – but hacked – …

A week in security (Jun 05 – Jun 11)

Last week, we interviewed our very own Pieter Arntz to get to know him a little better. We also touched on the importance of HTTPS and focused on a new social engineering scheme that triggers on mouse movement. We also …

Two Tickets as Bait

Over the previous weekend, social networks were hit with a wave of posts that falsely claimed that major airlines were giving away tickets for free. Users from all over the world became involved in this: they published posts that mentioned …

SambaCry is coming

Not long ago, news appeared online of a younger sibling for the sensational vulnerability EternalBlue. The story was about a new vulnerability for *nix-based systems – EternalRed (aka SambaCry). This vulnerability (CVE-2017-7494) relates to all versions of Samba, starting from …

Please stop posting your X-rays to social media

Social media is fun. Posting pictures and sharing them with friends is a great technology. But please, we beg you, stop posting your medical imaging results to Instagram, Twitter, and Facebook. Why? What if you get a gnarly fracture from …

Dvmap: the first Android malware with code injection

In April 2017 we started observing new rooting malware being distributed through the Google Play Store. Unlike other rooting malware, this Trojan not only installs its modules into the system, it also injects malicious code into the system runtime libraries. …

New social engineering scheme triggers on mouse movement

One of threat actors’ favorite malware delivery schemes is social engineering as it remains highly effective against a variety of targets. Malicious spam, in particular, is one of the biggest threats enterprises are facing today in the form of daily deliveries of …

LatentBot piece by piece

LatentBot is a multi-modular Trojan written in Delphi and known to have been around since 2013. Recently, we captured and dissected a sample distributed by RIG Exploit Kit. The main executable is a persistent botnet agent which downloads additional modules …