malware description – WindowsTechs.com

IT threat evolution Q1 2018

Posted on May 14, 2018 by David Emm

In January, we uncovered a sophisticated mobile implant Skygofree that provides attackers with remote control of infected Android devices. Network worm OlympicDestroyer attacked on the Olympic infrastructure just before the opening of the games in February. Continue reading IT threat evolution Q1 2018→

The Slingshot APT FAQ

Posted on March 9, 2018 by GReAT

While analyzing some memory dumps suspicious of being infected with a keylogger, we identified a library containing strings to interact with a virtual file system. This turned out to be a malicious loader internally named “Slingshot”. Continue reading The Slingshot APT FAQ→

The devil’s in the Rich header

Posted on March 8, 2018 by GReAT

In our previous blog , we detailed our findings about the attack against the Pyeongchang 2018 WinterOlympics. For this investigation, our analysts were provided with administrative access to one of the affected servers located in a hotel based in Pyeongchang county, South Korea. In addition, we collected all available evidence from various private and public sources and worked with several companies on investigating the C&C infrastructure associated with the attackers. Continue reading The devil’s in the Rich header→

OlympicDestroyer is here to trick the industry

Posted on March 8, 2018 by GReAT

A couple of days after the opening ceremony of the Winter Olympics in Pyeongchang, South Korea, we received information from several partners, on the condition of non-disclosure (TLP:Red), about a devastating malware attack on the Olympic infrastructure. Continue reading OlympicDestroyer is here to trick the industry→

Tales from the blockchain

Posted on October 31, 2017 by Sergey Yunakovsky

We will tell you two unusual success stories that happened on the “miner front”. The first story echoes the TinyNuke event and, in many respects gives an idea of the situation with miners. The second one proves that to get crypto-currency, you don’t need to “burn” the processor. Continue reading Tales from the blockchain→

CowerSnail, from the creators of SambaCry

Posted on July 25, 2017 by Sergey Yunakovsky

We recently reported about SambaCry, a new family of Linux Trojans exploiting a vulnerability in the Samba protocol. A week later, Kaspersky Lab analysts managed to detect a malicious program for Windows that was apparently created by the same group responsible for SambaCry. Continue reading CowerSnail, from the creators of SambaCry→