Threat analysis – Page 15 – WindowsTechs.com

Venus Locker another .NET Ransomware

Posted on August 12, 2016 by Malwarebytes Labs

The current cyber-threat landscape is an ever dynamic threat, we have state-sponsored cyber-threats and very sophisticated cyber-criminals to defend against. These threats come with their own motivations and objectives. We have all come to know ransomw… Continue reading Venus Locker another .NET Ransomware→

Smoke Loader – downloader with a smokescreen still alive

Posted on August 5, 2016 by Malwarebytes Labs

This time we will have a look at another payload from recent RIG EK campaign. It is Smoke Loader (also known as Dofoil), a bot created several years ago. One of its early versions was advertised on the black marker in 2011.Categories: Malware
Threat a… Continue reading Smoke Loader – downloader with a smokescreen still alive→

PUP Friday: Adware family EoRezo

Posted on August 5, 2016 by Pieter Arntz

EoRezo is a detection name that is in use for a big part of the adware family called Tuto4PC. The adware is bundled with other software and with tutorials (about software). The adware, although annoying, is usually harmless by itself, but that can’t be said about the advertisements and sites it opens on the victim’s computer.

Categories:

Tags: eorezo Pieter Arntz PUP search protect tuto4pc

PUP Friday: Cleaning up with 5 star awards

Posted on July 29, 2016 by Jovi Umawing

Systweak’s RegClean Pro is quite a popular software. Top Ten Reviews, a consumer review portal based in Utah, has ranked it as number one in their “Registry Repair Software” category. It also boasts of having won more than a hundred 5-star awards. Yet in spite of these, something is amiss. With praises for it also…

Categories:

Tags: PUP PUP Friday regclean pro systweak

Unpacking yet another .NET crypter

Posted on July 29, 2016 by Malwarebytes Labs

We look at one of the malicious executables recently delivered by RIG Exploit Kit that was packed in a .NET cryptor and includes similar features as one we found some time ago.Categories: Malware
Threat analysisTags: .NETBeta BotcryptercryptorFUDNeure… Continue reading Unpacking yet another .NET crypter→

From Locky with love – reading malicious attachments

Posted on July 27, 2016 by Malwarebytes Labs

Read on to learn how the latest downloaders used to deliver Locky ransomware and show how to statically decipher their hidden URLs.Categories: Malware
Threat analysisTags: downloaderLocky(Read more…) Continue reading From Locky with love – reading malicious attachments→

Cross-platform malware Adwind infects Mac

Posted on July 22, 2016 by Thomas Reed

We examine a cross-platform malware with a Mac payload and found the hackers behind it really didn’t put that much effort into making it work on the Mac.Categories: Mac
Threat analysisTags: Applemacmalwarerat(Read more…) Continue reading Cross-platform malware Adwind infects Mac→

Online Scams – Why Haven’t we Won Yet?

Posted on July 21, 2016 by William Tsing

Why are these fake Malwarebytes tech support still in business? Here are a few of the structural forces that sometimes prevent us from smiting scammers for great justice.Categories: Criminals
Threat analysis(Read more…) Continue reading Online Scams – Why Haven’t we Won Yet?→

Window Range Manager

Posted on July 20, 2016 by Pieter Arntz

A recently discovered adware called Window Range Manager aka Winrange uses Chrome components to display 3D advertisements, but fails to run on most systems.Categories: PUPs
Threat analysisTags: adsMalwarebytesPUPs(Read more…) Continue reading Window Range Manager→

Third time (un)lucky – improved Petya is out

Posted on July 18, 2016 by Malwarebytes Labs

Petya’s authors got it right at the third attempt. The currently launched wave of this ransomware finally seems to have the proper Salsa20.Categories: Malware
Threat analysisTags: Mischapetyaransomware(Read more…) Continue reading Third time (un)lucky – improved Petya is out→