Pieter Arntz – Page 5 – WindowsTechs.com

Explained: WMI hijackers

Posted on October 5, 2016 by Pieter Arntz

This post describes how WMI hijackers work and why they are hard to find on an affected system. It also shows an example of such a hijacker called Yeabests after the domain it hijacks to.Categories: Cybercrime
MalwareTags: elexhijackerPieter ArntzPUPs… Continue reading Explained: WMI hijackers→

Hosts file hijacks

Posted on September 21, 2016 by Pieter Arntz

The hosts file is the internet variant of a personal phonebook. We discuss a few malware variants that replace or change that phonebook, so you end up calling the wrong sites. The ones they want you to call.Categories: Cybercrime
MalwareTags: dnshijac… Continue reading Hosts file hijacks→

Surfacing HTA infections

Posted on September 13, 2016 by Pieter Arntz

We show two examples of HTA induced infections we have seen recently. Nothing fancy, but feel free to consider it a general warning, that malware authors are expanding the number of file extensions they are using, to spread their payload.Categories: Cy… Continue reading Surfacing HTA infections→

File-in-the-middle hijackers

Posted on August 23, 2016 by Pieter Arntz

This may be a new trend among browser hijackers, but it seems more than a coincidence that we found two browser hijackers using a very similar approach to reach their goal of taking victims to the sites of their choice.Categories: Cybercrime
MalwareTa… Continue reading File-in-the-middle hijackers→

PUP Friday: Adware family EoRezo

Posted on August 5, 2016 by Pieter Arntz

EoRezo is a detection name that is in use for a big part of the adware family called Tuto4PC. The adware is bundled with other software and with tutorials (about software). The adware, although annoying, is usually harmless by itself, but that can’t be said about the advertisements and sites it opens on the victim’s computer.

Categories:

Tags: eorezo Pieter Arntz PUP search protect tuto4pc

Intentional security holes

Posted on July 7, 2016 by Pieter Arntz

Sinkholes and watering holes are two words not automatically associated with computer security, yet they are in use to describe two tactics that are used in this field. Categories: Cybercrime
Social engineeringTags: Pieter Arntzsinkholesinkholesthe mo… Continue reading Intentional security holes→

Tech support scammer follow-up

Posted on June 27, 2016 by Pieter Arntz

This post is a sequel to Tech support scammers using Winlogon. As we have found after writing that post there are many variants of this scam.Categories: Cybercrime
Social engineeringTags: +1-844-459-8882Pieter Arntzscamshelltech supportwinlogon(Read m… Continue reading Tech support scammer follow-up→

Email spoofing

Posted on June 15, 2016 by Pieter Arntz

Email spoofing basically comes down to sending emails with a false sender address. This can be used in various ways by threat actors. Categories: Cybercrime
Social engineeringTags: emailphishPieter Arntzspamspoofedspoofing(Read more…) Continue reading Email spoofing→