Trojan – Page 12 – WindowsTechs.com

Weird JS code injected to most of my browser pages [closed]

Posted on March 13, 2023 by Joey G

Does anyone know what this JS code is doing? It keeps getting injected to most of my browser pages I visit. I have tried different browsers (Chrome/Edge), incognito mode, even disabling all extensions. But it keeps showing up randomly on s… Continue reading Weird JS code injected to most of my browser pages [closed]→

Do viruses survive in other drive and than re infect after resetting the PC?

Posted on March 9, 2023 by newperson

Backstory:
I got infected while installing some shady software and at that time I kept Windows Defender off, (I have very much faith on my shady website) by turning its features off. But when I started noticing some weird behavior, I enabl… Continue reading Do viruses survive in other drive and than re infect after resetting the PC?→

Malvertising through search engines

Posted on March 9, 2023 by Victoria Vlasova, Haim Zigel, Ilya Tyunkin

Kaspersky observes a growth in malvertising activity that exploits Google search ads to promote fake software websites that deliver stealers, such as RedLine and Rhadamantys. Continue reading Malvertising through search engines→

Threat landscape for industrial automation systems for H2 2022

Posted on March 6, 2023 by Kaspersky ICS CERT

In H2 2022, the percentage of ICS computers on which malicious objects were blocked increased by 3.5 percentage points compared to the previous six-month period, reaching 34.3%. Continue reading Threat landscape for industrial automation systems for H2 2022→

How to find the process that is running PowerShell commands that appear in Windows Defender

Posted on March 2, 2023 by Maxime

On one of our Windows Datacenter 2016, there’s an alert that a trojan is trying to install :

The following PowerShell commands are trying to execute at seemingly random hours of the day (always during working hours, one to two times a day… Continue reading How to find the process that is running PowerShell commands that appear in Windows Defender→

The mobile malware threat landscape in 2022

Posted on February 27, 2023 by Tatyana Shishkova

Android threat report by Kaspersky for 2022: malware on Google Play and inside the Vidmate in-app store, mobile malware statistics. Continue reading The mobile malware threat landscape in 2022→

Spam and phishing in 2022

Posted on February 16, 2023 by Tatyana Kulikova, Roman Dedenok, Olga Svistunova, Andrey Kovtun, Irina Shimko

Statistics on spam and phishing with the key trends in 2022: two-stage spear phishing, hijacking of social network and instant messaging accounts, import substitution, and survey phishing. Continue reading Spam and phishing in 2022→

Spam and phishing in 2022

Posted on February 16, 2023 by Tatyana Kulikova, Roman Dedenok, Olga Svistunova, Andrey Kovtun, Irina Shimko

Malicious code somehow hidden with whitespace?

Posted on February 14, 2023 by Eaten by a Grue

I recently came across a php file on a compromised website that had what appeared (in Sublime Text) to be a huge white-space gap. When I run a diff against the original source file I can clearly see the malicious code which is snagging lo… Continue reading Malicious code somehow hidden with whitespace?→

Roaming Mantis implements new DNS changer in its malicious mobile app in 2022

Posted on January 19, 2023 by GReAT

Roaming Mantis (a.k.a Shaoye) is a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected Android devices and steal data. In 2022, we observed a DNS changer function implemented in its Android malware Wroba.o. Continue reading Roaming Mantis implements new DNS changer in its malicious mobile app in 2022→