Collaborate Disseminate
 |
|
| Recently, we took a look at the interesting Trojan found by Bleeping Computer. Our small investigation on its background and possible attribution has led us to the conclusion that this threat is in reality not new – probably it has been designed in 2012 for the purpose of corporate espionage operations. Yet it escaped from…
Categories: Tags: doxingespionageshaktistealertrojan |
 |
|
| Recently, Bleeping Computer published a short article about an unrecognized Trojan that grabs documents from the attacked computer and uploads them into a malicious server. Looking at the characteristics of the tool, we suspect that it has been prepared for the purpose of corporate espionage. So far, no AV has given any meaningful identification to this malware—it is detected under generic names. Since not much is known about its internals, we decided to take a closer look.
Categories: Tags: doxingshaktispywaretrojan |
The current cyber-threat landscape is an ever dynamic threat, we have state-sponsored cyber-threats and very sophisticated cyber-criminals to defend against. These threats come with their own motivations and objectives. We have all come to know ransomw… Continue reading Venus Locker another .NET Ransomware
This time we will have a look at another payload from recent RIG EK campaign. It is Smoke Loader (also known as Dofoil), a bot created several years ago. One of its early versions was advertised on the black marker in 2011.Categories: Malware
Threat a… Continue reading Smoke Loader – downloader with a smokescreen still alive
 |
|
| EoRezo is a detection name that is in use for a big part of the adware family called Tuto4PC. The adware is bundled with other software and with tutorials (about software). The adware, although annoying, is usually harmless by itself, but that can’t be said about the advertisements and sites it opens on the victim’s computer.
Categories: Tags: eorezoPieter ArntzPUPsearch protecttuto4pc |
 |
|
| Systweak’s RegClean Pro is quite a popular software. Top Ten Reviews, a consumer review portal based in Utah, has ranked it as number one in their “Registry Repair Software” category. It also boasts of having won more than a hundred 5-star awards. Yet in spite of these, something is amiss. With praises for it also…
Categories: Tags: PUPPUP Fridayregclean prosystweak |
We look at one of the malicious executables recently delivered by RIG Exploit Kit that was packed in a .NET cryptor and includes similar features as one we found some time ago.Categories: Malware
Threat analysisTags: .NETBeta BotcryptercryptorFUDNeure… Continue reading Unpacking yet another .NET crypter
Read on to learn how the latest downloaders used to deliver Locky ransomware and show how to statically decipher their hidden URLs.Categories: Malware
Threat analysisTags: downloaderLocky(Read more…) Continue reading From Locky with love – reading malicious attachments
We examine a cross-platform malware with a Mac payload and found the hackers behind it really didn’t put that much effort into making it work on the Mac.Categories: Mac
Threat analysisTags: Applemacmalwarerat(Read more…) Continue reading Cross-platform malware Adwind infects Mac
Why are these fake Malwarebytes tech support still in business? Here are a few of the structural forces that sometimes prevent us from smiting scammers for great justice.Categories: Criminals
Threat analysis(Read more…) Continue reading Online Scams – Why Haven’t we Won Yet?