Malware - Security Intelligence

A businessman using a laptop: remote access Trojan

news

TA505 Threat Group Distributes Previously Undocumented tRat Remote Access Trojan

Researchers observed the TA505 threat group spreading a previously undocumented remote access Trojan (RAT) called tRaT.

November 20, 2018 | By David Bisson

news

Illustration of menacing birds flying over a computer monitor: Hawkeye keylogger

news

Threat Actors Exploit Equation Editor to Distribute Hawkeye Keylogger

A recent Hawkeye keylogger campaign leveraged an old Microsoft Office Equation Editor vulnerability to steal user credentials, passwords and clipboard content.

November 15, 2018 | By Douglas Bonderud

news

Illustration of a chain in a crisscross formation over a laptop screen: ransomware-as-a-service

news

Ransomware-as-a-Service Program Offers Affiliates Up to 75 Percent of Revenue to Spread Infection

A ransomware-as-a-service program called FilesLocker offers affiliates commissions of up to 75 percent on all revenue stolen from victims.

November 8, 2018 | By Shane Schick

news

Illustration of images on a computer screen representing steganography.

news

NARWHAL SPIDER Uses Steganography to Deliver URLZone Malware in Cutwail Spam Campaign

A new Cutwail spam campaign is leveraging steganography — hiding data within images — to compromise devices and download URLZone.

November 7, 2018 | By Douglas Bonderud

news

Illustration representing a malware campaign.

news

Threat Actors Combine Windows Utilities in Malware Campaign Targeting Users in Brazil

Researchers observed threat actors impersonating the Brazilian postal service in a malware campaign that combines legitimate Windows files such as WMI and CertUtil to steal banking data.

November 5, 2018 | By Shane Schick

news

Illustration of a financial building on a fish hook: powershell malware

news

Lock and sLoad: PowerShell Malware Downloader Geofences Attacks for Maximum Impact

A PowerShell malware downloader known as sLoad uses geofencing, customized emails and device reconnaissance to identify high-value Trojan targets.

November 1, 2018 | By Douglas Bonderud

news

A woman using a smartphone in a cafe: banking malware

news

30,000 Android Users Infected With Banking Malware From 29 Bogus Apps

Nearly 30,000 Android users accidentally downloaded banking malware after filling out phishing forms that were personalized based on the apps they use.

November 1, 2018 | By Shane Schick

news

A man looking at his phone, which is infected with TimpDoor malware.

news

Cybercriminals Distribute TimpDoor Malware to Turn Android Devices Into Network Proxies

The TimpDoor malware family enables cybercriminals to turn infected Android devices into network proxies without users' knowledge.

October 30, 2018 | By David Bisson

news

Computer with a search engine open in a web browser: SEO poisoning

article

How SEO Poisoning Campaigns Are Mounting a Comeback

SEO poisoning is on the rise again. How do threat actors use search engine results to drive victims to malicious sites, and what can users do to protect themselves?

October 30, 2018 | By Grant Gross

article

Illustration of a laptop representing a distributed denial-of-service (DDoS) attack.

news

Chalubo Bot Family Launches Distributed Denial-of-Service Attacks Against Linux Systems

Researchers discovered a family of bots dubbed Chalubo launching distributed denial-of-service (DDoS) attacks to brute-force Linux-based systems running internet-facing SSH servers.

October 29, 2018 | By Shane Schick

news

Tag: Malware