TrickBot comes with new tricks – attacking Outlook and browsing data

TrickBot is still actively maintained and is not going to leave the landscape any time soon. Take a look at its new modules.

The post TrickBot comes with new tricks – attacking Outlook and browsing data appeared first on Malwarebytes Labs.

Trick Bot – Dyreza’s successor

Recently, our analyst Jérôme Segura captured an interesting payload in the wild. It turned out to be a new bot that, at the time of the analysis, hadn’t been described yet.

Microsoft Help File Malware Targets JPMorgan Chase Customers

A fresh malware sample was recently spotted using a Microsoft Compiled HTML (Help) file attached to spam messages. A Microsoft Help file is a binary file that encompasses a set of HTML files; it usually has a .chm or .hlp extension. The malicious help file analyzed – a .chm file – arrived via spam […]

The post Microsoft Help File Malware Targets JPMorgan Chase Customers appeared first on ThreatTrack Security Labs Blog.

Dyre Spambots Use JJencode to Broaden Distribution

January was a busy month for the developers of Dyre/Dyreza. The group reintroduced their Upatre link spam with some additional subterfuge. This article will explore two types of spambots that Dyre utilizes; the following diagram presents a simplified visual of how each type executes. Dyre bot operators have started to JJencode their HTML to hinder detection and have rigged […]

The post Dyre Spambots Use JJencode to Broaden Distribution appeared first on ThreatTrack Security Labs Blog.

Dyre Recruiting CareerBuilder.com Users

Job seekers beware. A login-credential-stealing Trojan is trying to steal your email address and password when you access CareerBuilder.com. We recently reported on the evolution of Dyre as observed by ThreatTrack Security Labs. The latest development in this data-stealing Trojan, also known as Dyreza, is an expanded list of targeted sites, including the addition of […]

The post Dyre Recruiting CareerBuilder.com Users appeared first on ThreatTrack Security Labs Blog.
