Malware

Pierluigi Paganini April 10, 2019
[SI-LAB] EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services

EMOTET spread in Chile targeted financial and banking services. SI-LAB detected hundreds of users that were impacted by this malware between March 18th and 26th of 2019. The last days of March 2019 are making headlines due to a targeted cyber attack involving a new variant of infamous EMOTET malware. This threat is known as a […]

Pierluigi Paganini April 10, 2019
Sophisticated TajMahal APT Framework remained under the radar for 5 years

Cybersecurity experts at Kaspersky Lab uncovered a highly sophisticated spyware framework dubbed TajMahal that was involved in cyberespionage campaign for at least last 5 years. Cybersecurity researchers at Kaspersky discovered a highly sophisticated spyware framework, dubbed TajMahal, that has been used in cyber operations for at least last 5 years. The TajMahal framework remained undetected until […]

Pierluigi Paganini April 10, 2019
Yoroi Welcomes “Yomi: The Malware Hunter”

Yomi’s malware engine implements a multi-analysis approach that is able to exploit both: static analysis and behavioral analysis, enjoy it” Nowadays malware represents a powerful tool for cyber attackers and cyber criminals all around the world, with over 856 million of distinct samples identified during the last year it is, with no doubt, one of […]

Pierluigi Paganini April 10, 2019
Experts spotted a new Mirai variant that targets new processors

Palo Alto Networks researchers discovered a new variant of the Mirai malware that is targeting more processor architectures than previous ones. Mirai botnet continues to be one of the most dangerous malware in the threat landscape, experts at Palo Alto Networks discovered a new variant that targets more processor architectures than before. Mirai malware first […]

Pierluigi Paganini April 09, 2019
Experts spotted the iOS version of the Exodus surveillance app

In the last weeks, a new Android surveillance malware dubbed Exodus made the headlines, now expert found the iOS version of the government spyware. Security experts at LookOut have discovered an iOS version of the dreaded surveillance Android app Exodus that was initially found on the official Google Play Store. Exodus for Android is a […]

Pierluigi Paganini April 09, 2019
LimeRAT spreads in the wild

Cybaze-Yoroi ZLab team spotted an interesting infection chain leveraging several techniques able to defeat traditional security defences and spread LimeRAT. Introduction Few days ago, Cybaze-Yoroi ZLab team came across an interesting infection chain leveraging several techniques able to defeat traditional security defences and hiding a powerful inner payload able to seriously threaten its victims.  The […]

Pierluigi Paganini April 08, 2019
Victims of Planetary Ransomware can decrypt their files for free

Researchers at Emsisoft developed a decryptor for the Planetary Ransomware family that could allow victims to decrypt their files for free. Good news for the victims of the Planetary Ransomware, security firm Emsisoft has released a decryptor that allows victims to decrypt their files for free. The name Planetary ransomware comes from the use of […]

Pierluigi Paganini April 05, 2019
Xwo Malware scans the Internet for Exposed Services, Default Passwords

Researchers at AT&T Alien Labs have spotted a malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. Experts at AT&T Alien Labs discovered a new piece of malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. The name ‘Xwo‘ comes from […]

Pierluigi Paganini April 05, 2019
Ursnif: The Latest Evolution of the Most Popular Banking Malware

ZLab Yoroi-Cybaze dissected another attack wave of Ursnif Trojan, aka Gozi ISFB, an offspring of the original Gozi which source code was leaked in 2014. ZLab Yoroi-Cybaze dissected another attack wave of Ursnif Trojan, aka Gozi ISFB, an offspring of the original Gozi which source code was leaked in 2014. Introduction A few days ago, […]

Pierluigi Paganini April 05, 2019
Step By Step Office Dropper Dissection

Malware researcher and founder of Yoroi Marco Ramill described a step-by-step procedure that shows how to dissect an Office dropper. During the past few weeks, I received several emails asking how to dissect Office Payloads. While I was thinking about how to answer to such questions I received a MalSpam with a Microsoft Office document […]