
Tag: malware

Malware, short for malicious software, is any software used to disrupt computer operations, gather sensitive information, gain access to private computer systems, or display unwanted advertising. Malicious software was called a computer virus before the term malware was coined in 1990 by Yisrael Radai. The first category of malware propagation concerns parasitic software fragments that attach themselves to some existing executable content. The fragment may be machine code that infects some existing application, utility, or system program, or even the code used to boot a computer system. Malware is defined by its malicious intent, acting against the requirements of the computer user, and does not include software that causes unintentional harm due to some deficiency.

Malware may be stealthy, intended to steal information or spy on computer users for an extended period without their knowledge, as for example Regin, or it may be designed to cause harm, often as sabotage (e.g., Stuxnet), or to extort payment (CryptoLocker). ‘Malware’ is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware, and other malicious programs. It can take the form of executable code, scripts, active content, and other software. Malware is often disguised as, or embedded in, non-malicious files. As of 2011 the majority of active malware threats were worms or trojans rather than viruses.

Microsoft now sees over 600,000 PCs exposed to coin-mining malware each month.
Cryptocurrency mining and ransomware were other major threats.
Popular Calendar 2 app mines Monero by default, but at least it discloses it.
At the Security Analyst Summit this year in Cancun, FireEye's Marina Krotofil talks about the Triton malware, first disclosed in December 2017, that targets industrial control systems.
As investigations continue about the backdoor that was planted in CCleaner, Avast said it has found that the actors behind the attack were planning to install a third round of malware on compromised computers.
Slingshot malware infects PCs via files downloaded from compromised routers.
Some 3.3 million malicious mobile apps were detected in Asia-Pacific, which also was the region most affected across several categories including ransomware and online banking malware.
Nation-sponsored Slingshot is one of the most advanced attack platforms ever.
Improved anti-malware detection prevented spread of cryptomining software this week, says Microsoft.
Advanced router code has been in circulation for six years. If you’re trying to hack an organization then pwning the sysadmin's machine gives you the keys to the kingdom, and an advanced malware writer has found a clever way to do just that.…

Masha and these Bears

Sofacy, also known as APT28, Fancy Bear, and Tsar Team, is a prolific, well resourced, and persistent adversary.

They are sometimes portrayed as wild and reckless, but as seen under our visibility, the group can be pragmatic, measured, and agile.

The Slingshot APT FAQ

While analyzing some memory dumps suspected of being infected with a keylogger, we identified a library containing strings to interact with a virtual file system.

This turned out to be a malicious loader internally named “Slingshot”.