Attackers Exploit Android Application Package Flaw to Hide Malware

Attackers have started to exploit a vulnerability, patched this month in Android, that allows malware to be bundled with Android application files (APKs) and to evade antivirus products. The vulnerability, known as Janus and identified as CVE-2017-1315…

GuardSquare warns of Android vulnerability ‘Janus’

GuardSquare warns that a new Android vulnerability allows attackers to modify apps without affecting their signatures. “A serious vulnerability (CVE-2017-13156) in Android allows attackers to modify the code in applications without affecting…

Keeping up with the Petyas: Demystifying the malware family

Last June 27, there was a huge outbreak of a Petya-esque malware with a WannaCry-style infector in the Ukraine. Since there is still confusion about how exactly this malware is linked to the original Petya, we have prepared this small guide on the backg…

Petya ransomware developer releases master decryption key, giving hope for victims

The original developer of the Petya ransomware has released a master decryption key that works for all previous versions of its enciphering creation.
But before you get too excited, it doesn’t work for NotPetya…
David Bisson reports.

The key to old Petya versions has been published by the malware author

As research concluded, the original author of Petya, Janus, was not involved in the latest attacks on Ukraine. As a result of the recent events, Janus released his private key, allowing all the victims of the previous Petya attacks to get their files…

EternalPetya – yet another stolen piece in the package?

Since 27th June we’ve been investigating the outbreak of the new Petya-like malware armed with an infector similar to WannaCry. Since day one, various contradicting theories started popping up. Some believed that it is a rip-off of the original Petya, others that it is another step in its evolution. However, so far, those were just different opinions, and none of them was backed up with enough evidence. In this post, we will try to fill this gap by making a step-by-step comparison of the current kernel and the one on which it is based (Goldeneye Petya).

The post EternalPetya – yet another stolen piece in the package? appeared first on Malwarebytes Labs.
