Tag: Trojan

Ztorg: money for infecting your smartphone

This research started when we discovered an infected Pokémon GO guide in Google Play. We detected the malware as Trojan.AndroidOS.Ztorg.ad.

After some searching, I found some other similar infected apps that were being distributed from the Google Play Store.

After I started tracking these infected apps, two things struck me – how rapidly they became popular and the comments in the user review sections.

New ransomware Jaff demands $3,700 payments

Attackers behind the highly successful Locky and Bart ransomware campaigns have returned with a new creation: A malicious file-encrypting program called Jaff that asks victims for payments of around $3,700.

Like Locky and Bart, Jaff is distributed via malicious spam emails sent by the Necurs botnet, according to researchers from Malwarebytes. Necurs first appeared in 2012 and is one of the largest and longest-running botnets around today.

According to an April analysis by researchers from IBM Security, Necurs is made up of about 6 million infected computers and is capable of sending batches of millions of emails at a time.

It is also indirectly responsible for a large percentage of the world's cybercrime because it's the main distribution channel for some of the worst banking Trojan and ransomware programs.

Banking Trojan tests new attack techniques against high-profile targets

Major banks targeted as hackers employ redirection attacks against the financial sector.

Mac app developers issue malware warning after server compromise

Those who downloaded HandBrake between certain dates have a '50/50 chance' of being infected with a Remote Access Trojan.

Blackmoon Banking Trojan Goes Modular

Threat actors have begun using a new and unique framework to deliver malware to web users in South Korea, Fidelis says.

Blackmoon Banking Trojan Using New Infection Technique

Security researchers say the Blackmoon banking Trojan targeting exclusively South Korean financial institutions has developed a new malware infection technique.

Free search engine tool hunts down malware-infected computers

Internet search engine Shodan provides enterprise security teams a wealth of information about open ports on servers and other internet-connected devices. Now, as part of a partnership with threat intelligence company Recorded Future, security analysts and researchers can work with Shodan to uncover systems manipulated to control malware-infected devices.

Shodan’s specialized crawler doesn’t gather information about websites, but rather details about the connected devices, including servers, routers, webcams, and other internet of things devices.

The new Malware Hunter crawler takes the scanning a step further and actively hunts for computers that are acting as remote access Trojan (RAT) command-and-control servers.

As such, it is a powerful tool for threat analysts, security operations center (SOC) teams, and dedicated security personnel within the enterprise trying to proactively identify and defend against certain types of malware families, said Levi Gundert, vice president of intelligence and strategy at Recorded Future.

Behold, the spear phish that just might be good enough to...

Attackers are coming up with creative ways to trick you into opening malicious files.

IBM warns of malware on USB drives shipped to customers

IBM said some flash drives for Storwize initialisation should be destroyed because they may contain Trojan malware.

TrickBot banking Trojan steps up attacks against UK targets

IBM X-Force researchers warn that this sophisticated malware family is fast becoming one of the most prevalent forms of data-stealing banking Trojans.

Use of DNS Tunneling for C&C Communications

Often, virus writers don't even bother to run encryption or mask their communications. However, you do get the occasional off-the-wall approach that doesn't fall into either of the categories.

Take, for instance, the case of a Trojan that Kaspersky Lab researchers discovered in mid-March and which establishes a DNS tunnel for communication with the C&C server.

Mysterious cat-and-mouse-themed Trojan RAT is potentially dangerous, but its creators and...

The highly skilled nature of the threat actors behind Felismus, and their ability to cover their tracks, mean that no one knows their identity or their target.