Locky delivered by fake BT bill

The next in the never ending series of Locky downloaders is an email with the subject of New BT Bill  pretending to come from  BT Business <btbusiness@bttconnect.com> with a link in body of email to download a zip file These are much more believable emails than the usual Locky malspam. Continue reading → Continue reading Locky delivered by fake BT bill

Locky delivered via fake Free Fax to Email malspam

The next in the never ending series of Locky downloaders is an email with the subject of  Fax from: (01242) 856225 [random numbers] pretending to come from Free Fax to Email  <freefaxtoemail@random email domain> They use email addresses and subjects that will entice a user to read the email and open the Continue reading → Continue reading Locky delivered via fake Free Fax to Email malspam

more fake voicemail messages [PBX]: New message 10 in mailbox 101 from “100GOFEDEX” delivers Locky

The next in the never ending series of Locky downloaders is an email with the subject of  [PBX]: New message 10 in mailbox 101 from “100GOFEDEX” <7820413853> pretending to come from Voicemail Service <pbx@local> The new message number, mailbox number, gofedex number and telephone number are all random. All of Continue reading → Continue reading more fake voicemail messages [PBX]: New message 10 in mailbox 101 from “100GOFEDEX” delivers Locky

A week in security (August 14 – August 20)

A compilation of security news and blog posts from the 14th of August to the 20th of August. We looked at back to school cybersecurity tips, Kronos malware, and the return of Locky ransomware.

Categories:

Tags:

(Read more…)

The post A week in security (August 14 – August 20) appeared first on Malwarebytes Labs.

Continue reading A week in security (August 14 – August 20)

Outstanding invoices email 1 of 2 malspam delivers Locky ransomware

An email with the subject of Outstanding invoices email 1 of 2 pretending to come from  random names and email addresses with a malicious word doc attachment  delivers Locky Ransomware They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. Remember Continue reading → Continue reading Outstanding invoices email 1 of 2 malspam delivers Locky ransomware

Week in Security (August 7 – August 13)

A compilation of security news and blog posts from Monday the 7th of August to August 14th. We looked at security certificates and the new bloated Cerber ransomware.

Categories:

Tags:

(Read more…)

The post Week in Security (August 7 – August 13) appeared first on Malwarebytes Labs.

Continue reading Week in Security (August 7 – August 13)

Report: Second quarter dominated by ransomware outbreaks

The second quarter of 2017 left the security world wondering, “What the hell happened?” With leaks of government-created exploits being deployed against users in the wild, a continued sea of ransomware constantly threatening our ability to work online, and the lines between malware and potentially unwanted programs continuing to blur, every new incident was a wakeup call.In this report, we are going to discuss some of the most important trends, tactics, and attacks of Q2 2017, including an update on ransomware, what is going on with all these exploits, and a special look at all the breaches that happened this quarter.

Categories:

Tags:

(Read more…)

The post Report: Second quarter dominated by ransomware outbreaks appeared first on Malwarebytes Labs.

Continue reading Report: Second quarter dominated by ransomware outbreaks

Japanese language invoice malspam using js files inside zips today

Overnight we have seen another mass Japanese Malspam campaign with a change to the malware downloaders delivering some sort of malware that is  being detected on VirusTotal as a ransomware. I am not certain that is a correct detection. This gang traditionally deliver Ursnif / Gozi  banking Trojan and it has Continue reading → Continue reading Japanese language invoice malspam using js files inside zips today

The return of Locky with fake invoice emails

We  haven’t seen Locky for a long time, so I was quite surprised to see this one. It is an  email with the subject of  Copy of Invoice 79898702coming or pretending to come from  noreply@random email addresses  with a semi-random named zip attachment in the format of  79898702.zip ( random 8 Continue reading → Continue reading The return of Locky with fake invoice emails