Comparing EternalPetya and BadRabbit

I’ve created a table comparing the EternalPetya (ExPetr, NotPetya, etc.) outbreak from June, and the BadRabbit ransomware outbreak from yesterday (2017-10-24).
I have decided to not include WannaCry (WanaCrypt0r), as they are not related, while Eternal…

TrickBot comes with new tricks – attacking Outlook and browsing data

TrickBot is still actively maintained and it is not going to leave the landscape anytime soon. Take a look at its new modules.

The post TrickBot comes with new tricks – attacking Outlook and browsing data appeared first on Malwarebytes Labs.


A week in security (July 10 – July 16)

A compilation of security news and blog posts from the 10th of July to the 16th. We go over our PowerShell, an overview of the Petya ransomware family, and more.

The post A week in security (July 10 – July 16) appeared first on Malwarebytes Labs.


Keeping up with the Petyas: Demystifying the malware family

Last June 27, there was a huge outbreak of a Petya-esque malware with a WannaCry-style infector in the Ukraine. Since there is still confusion about how exactly this malware is linked to the original Petya, we have prepared this small guide on the backg…

A week in security (July 03 – July 09)

A compilation of security news and blog posts from the 3rd of July to the 9th. We go over our latest Cybercrime Tactics & Techniques Report, summarize the Petya ransomware outbreak, and more.

The post A week in security (July 03 – July 09) appeared first on Malwarebytes Labs.


Report: Second quarter dominated by ransomware outbreaks

The second quarter of 2017 left the security world wondering, “What the hell happened?” With leaks of government-created exploits being deployed against users in the wild, a continued sea of ransomware constantly threatening our ability to work online, and the lines between malware and potentially unwanted programs continuing to blur, every new incident was a wakeup call. In this report, we are going to discuss some of the most important trends, tactics, and attacks of Q2 2017, including an update on ransomware, what is going on with all these exploits, and a special look at all the breaches that happened this quarter.

The post Report: Second quarter dominated by ransomware outbreaks appeared first on Malwarebytes Labs.


All this EternalPetya stuff makes me WannaCry

Get more background on the EternalPetya ransomware. Learn about its origin, attribution, decryption, and the methods of infection and propagation.

The key to old Petya versions has been published by the malware author

As research concluded, the original author of Petya, Janus, was not involved in the latest attacks on Ukraine. As a result of the recent events, Janus released his private key, allowing all the victims of the previous Petya attacks to get their files…

A week in security (June 26 – July 02)

A compilation of security news and blog posts from the 26th of June to the 2nd of July. We delved deep into EternalPetya, the latest ransomware to make headlines last week. We also outed a fake WannaCry scanner and touched on other topics like adware, an educational campaign, and phishing.

The post A week in security (June 26 – July 02) appeared first on Malwarebytes Labs.


EternalPetya – yet another stolen piece in the package?

Since 27th June we’ve been investigating the outbreak of the new Petya-like malware armed with an infector similar to WannaCry. Since day one, various contradictory theories have been popping up. Some believed that it is a rip-off of the original Petya, others – that it is another step in its evolution. However, so far, those were just different opinions, and none of them was backed up with enough evidence. In this post, we will try to fill this gap by making a step-by-step comparison of the current kernel and the one on which it is based (Goldeneye Petya).

The post EternalPetya – yet another stolen piece in the package? appeared first on Malwarebytes Labs.
