Chinese PUPs and backdoor drivers: making systems less secure since 2013

In this blog, we expose a family of backdoor drivers that have been included in various PUPs of Chinese origin for several years.
Categories: Malware, PUP/PUM, Threat analysis
Tags: IOCTL, PUP, PUPs


Diamond Fox – part 1: introduction and unpacking

In this short series of posts, we will take a deep dive into a sample of Diamond Fox delivered by the Nebula Exploit Kit (described here). We will also make a brief comparison with the old, leaked version, in order to show the evolution of this product.

Exploit kits: Winter 2017 review

We take a look at the current exploit kit scene (Winter 2017) according to our telemetry and honeypots.
Categories: Exploits, Threat analysis
Tags: EK, exploit kits, Magnitude, malvertising, malverts, malware, neutrino, ransomware, RIG, sundown


Malwarebytes Labs Presents: The Cybercrime Tactics and Techniques Report

In our first wrap-up of the threat landscape, we are going to cover the trends observed during the last few months of 2016, provide an analyst’s view of the threats, and offer some predictions for the beginning of 2017. Moving forward, every quarter we will bring you a view of the threat landscape through the eyes of Malwarebytes researchers and analysts.

Free antivirus coupon leads to tech support scam

Yet another trick to watch out for with this free antivirus offer that misleads you into calling tech support scammers.
Categories: Social engineering, Threat analysis
Tags: antivirus, coupon, Google Chrome, McAfee, norton, tech support scam, TSS


New Neutrino Bot comes in a protective loader

We take another look at the Neutrino bot, known for its diverse feature set ranging from snooping on victims to performing DDoS attacks. This latest version includes a hardened protective layer aimed at defeating sandboxes and hiding the bot from disc…

Mac ransomware on piracy sites

February has been a relatively busy month in the world of Mac malware, and now it has gotten busier with the appearance of the second piece of ransomware ever to affect macOS.
Categories: Mac, Threat analysis
Tags: Adobe Premier Pro, Apple, Findzip, mac, macOS, m…