Microsoft uncovers hacking operation aimed at software supply chain

Microsoft researchers recently uncovered a sophisticated hacking campaign that was serving targeted malware to “several high-profile technology and financial organizations.” The unidentified hackers reportedly compromised a set of third-party editing software tools by injecting malicious code into the programs’ update mechanism, the Windows Defender Advanced Threat Protection research team found. The findings underscore the threat organizations face through vulnerable third-party applications. Such applications and services are commonly integrated into a company’s IT infrastructure, widening the attack surface available to hackers. “[A] forensic examination of the Temp folder on [an] affected machine pointed us to a legitimate third-party updater running as a service,” a Microsoft blog reads. “The updater downloaded an unsigned, low-prevalence executable right before malicious activity was observed. The downloaded executable turned out to be a malicious binary that launched PowerShell scripts bundled with the Meterpreter reverse shell, which granted the remote attacker silent control. The binary is detected by […]

The post Microsoft uncovers hacking operation aimed at software supply chain appeared first on Cyberscoop.


PUP Friday: Let’s talk generic

For this PUP Friday post, we’re going to look into PUPs that we can simply classify as “Downloaders”. We have sampled a program called Internet Download Manager, which is capable of downloading other files we detect as PUP and connects to sites lea…

Smoke Loader – downloader with a smokescreen still alive

This time we will have a look at another payload from the recent RIG EK campaign. It is Smoke Loader (also known as Dofoil), a bot created several years ago. One of its early versions was advertised on the black market in 2011.