Collaborate Disseminate
Locky attempts to evade detection by relying once more on simply, yet effective user interaction.
Categories:
Malware
Threat analysis
Tags: Lockymacroransomwareword
(Read more…)
The post Locky ransomware adds anti sandbox feature appeared first … Continue reading Locky ransomware adds anti sandbox feature
We review a trick that the Magnitude exploit kit uses to bypass security scanners.
Categories:
Exploits
Threat analysis
Tags: binary paddingcerberexploit kitgateMagnigatemagnitude EKransomwareXML
(Read more…)
The post Cerber ransomware delivered… Continue reading Cerber ransomware delivered in format of a different order of Magnitude
 |
|
| TrickBot is still actively maintained and it is not going to leave the landscape any soon. Take a look at its new modules.
Categories: Tags: dyrezaEternalPetyamalwareOutlookransomwaretrickbotWannaCry |
The post TrickBot comes with new tricks – attacking Outlook and browsing data appeared first on Malwarebytes Labs.
Continue reading TrickBot comes with new tricks – attacking Outlook and browsing data
There is a growing trend among malware authors to incorporate legitimate applications in their malicious package. This time, we encountered a malware downloading a legitimate ffmpeg.
Categories:
Malware
Threat analysis
Tags: .NETffmpegmalwarepayload… Continue reading A .NET malware abusing legitimate ffmpeg
 |
|
| Since 27th June we’ve been investigating the outbreak of the new Petya-like malware armed with an infector similar to WannaCry. Since the day one, various contradicting theories started popping up. Some believed, that it is a rip-off the original Petya, others – that it is another step in its evolution. However, so far, those were just different opinions, and none of them was backed up with enough evidence. In this post, we will try to fill this gap, by making a step-by-step comparison of the current kernel and the one on which it is based (Goldeneye Petya).
Categories: Tags: attributionEternalPetyahasherezadehexeditjanusMalwarebytesNotPetyaNSApetyapsexecransomware |
The post EternalPetya – yet another stolen piece in the package? appeared first on Malwarebytes Labs.
Continue reading EternalPetya – yet another stolen piece in the package?
The latest Petya seems to be broken on purpose: the victims’ keys are lost forever.
Categories:
Malware
Threat analysis
Tags: EternalPetyagoldeneyepetyaPetya ransomwareransomwareWanaCrypt0rWannaCryWannaCrypt
(Read more…)
The post EternalPetya an… Continue reading EternalPetya and the lost Salsa20 key
A new tech support scam campaign is being pushed in lieu of exploit kits. We take a look at its distribution method and how it is able to bring browsers to their knees.
Categories:
Social engineering
Threat analysis
Tags: eitestexploit kitmalvertisin… Continue reading The numeric Tech Support Scam campaign
No macro, no exploit. This attack uses mouse movement to launch malicious code in booby-trapped documents.
Categories:
Social engineering
Threat analysis
Tags: PowerPointpowershellSocial Engineering
(Read more…)
The post New social engineering s… Continue reading New social engineering scheme triggers on mouse movement
 |
|
| In this blog, we discuss techniques to detect fake reviews, fake reviewers, and shady online image management techniques.
Categories: Tags: review sitesshillshill reviewssockpuppets |
The post Spotting fake reviews – have healthy online skepticism appeared first on Malwarebytes Labs.
Continue reading Spotting fake reviews – have healthy online skepticism
WanaCrypt0r is a ransomware infection that has spread through many corporate networks. Read a technical analysis of the worm that allowed it to do this.
Categories:
Malware
Threat analysis
Tags: microsoftNHSNHS WanaCryptornhs wannacryptorransomwareWa… Continue reading The worm that spreads WanaCrypt0r