Malware

Pierluigi Paganini December 24, 2017
Experts from Bleeping Computer spotted a new Cryptomix Ransomware variant

Security experts spotted a new variant of the CryptoMix ransomware that uses a different extension (.FILE) and a new set of contact emails. Security experts from BleepingComputer discovered a new variant of the CryptoMix ransomware that uses a different extension (.FILE)  to append to the file names of the encrypted files and uses new contact emails. For example, a file encrypted by […]

Pierluigi Paganini December 24, 2017
Financially motivated attacks reveal the interests of the Lazarus APT Group

Researchers at security firm Proofpoint collected evidence of the significant interest of the Lazarus APT group in cryptocurrencies, the group’s arsenal of tools, implants, and exploits is extensive and under constant development. Researchers at security firm Proofpoint collected evidence of the significant interest of the Lazarus APT group in cryptocurrencies. The North Korea-Linked hackers launched several multistage attacks that […]

Pierluigi Paganini December 23, 2017
Experts uncovered a new GlobeImposter Ransomware malspam campaign

Experts observed cybercriminals are conducting a new malspam campaign to distribute a new variant of the GlobeImposter ransomware According to Lawrence Abrams from BleepingComputer, crooks are conducting a new malspam campaign to distribute a new variant of the GlobeImposter ransomware that appends the “..doc” extension to encrypted files. The malicious messages pretend to have attached photos being sent to the […]

Pierluigi Paganini December 23, 2017
Russian Fancy Bear APT Group improves its weapons in ongoing campaigns

Fancy Bear APT group refactored its backdoor and improved encryption to make it stealthier and harder to stop. The operations conducted by Russian Fancy Bear APT group (aka Sednit, APT28, and Sofacy,  Pawn Storm, and Strontium) are even more sophisticated and hard to detect due to. According to a new report published by experts from security firm ESET, the […]

Pierluigi Paganini December 23, 2017
Satori is the latest Mirai botnet variant that is targeting Huawei HG532 home routers

Satori botnet, Mirai variant, is responsible for hundreds of thousands of attempts to exploit a recently discovered vulnerability in Huawei HG532 home routers. The Mirai botnet makes the headlines once again, a new variant dubbed Satori is responsible for hundreds of thousands of attempts to exploit a recently discovered vulnerability in Huawei HG532 home routers. The activity […]

Pierluigi Paganini December 22, 2017
Digmine Cryptocurrency Miner spreads via Facebook messenger

Researchers from security firm Trend Micro observed crooks spreading a new cryptocurrency mining bot dubbed Digmine via Facebook Messenger. Watch out for video file (packed in zip archive) sent by your friends via Facebook messenger, according to the researchers from security firm Trend Micro crooks are using this technique to spread a new cryptocurrency mining bot dubbed Digmine. The bot […]

Pierluigi Paganini December 21, 2017
Chinese crime group targets database servers for mining cryptocurrency

  Security researchers discovered multiple hacking campaigns conducted by a Chinese criminal gang targeting database servers. The researchers from the security firm GuardiCore Labs Security have discovered multiple hacking campaigns conducted by a Chinese criminal gang targeting database servers. The attackers targeted systems worldwide for mining cryptocurrencies, exfiltrating sensitive data and building a DDoS botnet. The experts […]

Pierluigi Paganini December 21, 2017
Exclusive, CSE CybSec ZLAB Malware Analysis Report: The Bladabindi malware

The CSE CybSec Z-Lab Malware Lab analyzed a couple of new malware samples, belonging to the Bladabindi family, that were discovered on a looking-good website. ZLab team detected two new threats hosted on a looking-good website www[.]6th-sense[.]eu. Both malware looks like a legitimate app that users have to install in order to access the media file hosted on the […]

Pierluigi Paganini December 20, 2017
Loapi Android malware can destroy your battery mining Monero

Experts from Kaspersky have spotted an Android malware dubbed Loapi that includes a so aggressive mining component that it can destroy your battery. Researchers from security firm Kaspersky Lab have spotted a new strain of Android malware dubbed Loapi lurking in fake anti-virus and porn applications, that implements many features, including cryptocurrency mining. Loapi can be used to perform a […]

Pierluigi Paganini December 19, 2017
U.S. blames North Korea for the massive WannaCry ransomware attack

It’s official, according to Tom Bossert, homeland security adviser, the US Government attributes the massive ransomware attack Wannacry to North Korea. It’s official, the US Government attributes the massive attack Wannacry to North Korea. The news of the attribution was first reported by The Wall Street Journal,  according to the US Government, the WannaCry attack […]