Collaborate Disseminate
When we recently analyzed payloads related to Hidden Bee (dropped by the Underminer EK), we noticed something unusual. After reversing the malware, we discovered that its authors actually created their own executable format. Follow our step-by-ste… Continue reading Reversing malware in a custom format: Hidden Bee elements
A new downloader, which has been spotted in an array of recent email campaigns, uses anti-analysis techniques and calls in a system fingerprinting module. Continue reading Highly Flexible Marap Malware Enters the Financial Scene
A new malicious campaign has compromised more than 40,000 machines globally to monetize via traffic hijacking and cryptomining.
Continue reading Operation Prowli Profits On Weak IoT Devices, Servers
Who would have thought that you could light up pyrotechnics on USB power? This USB keystroke injector that blows up after it’s used proves the concept.
Fully aware that this is one of those “just because you can doesn’t mean you should” projects, [MG] takes pains to point out that his danger dongle is just for dramatic effect, like a prop for a movie or the stage. In fact, he purposely withholds details on the pyrotechnics and concentrates on the keystroke injection aspect, potentially nasty enough by itself, as well as the dongle’s universal payload launching features. We’re a little …read more
Continue reading This USB Drive Will Self-Destruct After Ruining Your Computer
SpaceX just concluded 2017 by launching 10 Iridium NEXT satellites. A footnote on the launch was the “hosted payload” on board each of the satellites: a small box of equipment from Aireon. They will track every aircraft around the world in real-time, something that has been technically possible but nobody claimed they could do it economically until now.
Challenge one: avoid adding cost to aircraft. Instead of using expensive satcom or adding dedicated gear, Aireon listen to ADS-B equipment already installed as part of international air traffic control modernization. But since ADS-B was designed for aircraft-to-aircraft and aircraft-to-ground, Aireon had …read more
Continue reading Aireon Hitchhikes on Iridium to Track Airplanes
There is a growing trend among malware authors to incorporate legitimate applications in their malicious package. This time, we encountered a malware downloading a legitimate ffmpeg.
Categories:
Malware
Threat analysis
Tags: .NETffmpegmalwarepayload… Continue reading A .NET malware abusing legitimate ffmpeg
A newly discovered malware framework, which some believe carries signs of Russian authorship, can be used by hackers to disrupt industrial control systems and cause mass power outages, according to research conducted by cybersecurity firms Dragos Inc. and ESET. The findings are significant because they represent the first known real-world case of a computer virus designed to directly interact with electric grid hardware, explained Sergio Caltagirone, director of threat intelligence for Dragos. Researchers believe that a version of the malware framework, dubbed “CrashOverride” or “Industroyer,” was previously leveraged to hack into an electric transmission station in Ukraine causing a black out for several hours last December in neighborhoods just north of Kiev. Evidence of a connection between CrashOverride’s author and the attackers behind last year’s Ukrainian power grid incident exists, according to Caltagirone, but was not published in Dragos’ technical analysis. In January, iSight Partners, a subsidiary of U.S. cybersecurity […]
The post Researchers find cyberweapon capable of knocking out electric grids appeared first on Cyberscoop.
Continue reading Researchers find cyberweapon capable of knocking out electric grids
A newly discovered malware framework, which some believe carries signs of Russian authorship, can be used by hackers to disrupt industrial control systems and cause mass power outages, according to research conducted by cybersecurity firms Dragos Inc. and ESET. The findings are significant because they represent the first known real-world case of a computer virus designed to directly interact with electric grid hardware, explained Sergio Caltagirone, director of threat intelligence for Dragos. Researchers believe that a version of the malware framework, dubbed “CrashOverride” or “Industroyer,” was previously leveraged to hack into an electric transmission station in Ukraine causing a black out for several hours last December in neighborhoods just north of Kiev. Evidence of a connection between CrashOverride’s author and the attackers behind last year’s Ukrainian power grid incident exists, according to Caltagirone, but was not published in Dragos’ technical analysis. In January, iSight Partners, a subsidiary of U.S. cybersecurity […]
The post Researchers find cyberweapon capable of knocking out electric grids appeared first on Cyberscoop.
Continue reading Researchers find cyberweapon capable of knocking out electric grids