Malware

Pierluigi Paganini June 06, 2017
Experts shut down tens of thousands of subdomains set up with a domain shadowing campaign

Experts killed tens of thousands of subdomains used by crooks to host the RIG Exploit Kit that were set up with a domain shadowing campaign. GoDaddy and RSA Security, with the support of other security companies and researchers, have shut down tens of thousands of illegally established subdomains used by crooks to host the RIG Exploit […]

Pierluigi Paganini June 04, 2017
QakBot Banking malware causes massive Active Directory lockouts

Security experts at IBM noticed that hundreds to thousands of Active Directory users were locked out of their company’s domain by the QakBot Banking malware. Malware researchers at IBM noticed that hundreds to thousands of Active Directory users were locked out of their organization’s domain; the incident is caused by the Qbot banking malware. The […]

Pierluigi Paganini June 03, 2017
Jaff Ransomware campaigns linked to a black marketplace

Security researchers linked Jaff ransomware campaigns to the backend infrastructure used by operators behind a black market. Security researchers at Heimdal Security who are investigating a new strain of Jaff ransomware discovered that the malware is sharing the backend infrastructure with a black market offering for sale stolen card data and account information. The black […]

Pierluigi Paganini June 03, 2017
NSA Exploit EternalBlue is becoming even more common in hacking tools and malware

Security experts are observing a significant increase in the number of malware and hacking tools leveraging the ETERNALBLUE NSA exploit. ETERNALBLUE is the alleged NSA exploit that made the headlines with DOUBLEPULSAR in the WannaCry attack. ETERNALBLUE targets the SMBv1 protocol and it has become widely adopted in the community of malware developers. Investigations on WannaCry […]

Pierluigi Paganini June 02, 2017
The Fireball malware already infected more than 250 million computers worldwide running both Windows and Mac OS

Check Point have discovered a massive malware campaign spreading the Fireball malware; it has already infected more than 250 million computers worldwide. Security researchers at Check Point have discovered a massive malware campaign spreading the Fireball malware. The malicious code has already infected more than 250 million computers worldwide running both Windows and Mac OS. […]

Pierluigi Paganini June 01, 2017
#Vault7: CIA Pandemic implant turns file servers into malware infectors

Wikileaks released a new lot of documents belonging to the Vault7 dump that details the CIA project codenamed ‘Pandemic implant’. Wikileaks released a new batch of documents belonging to the Vault7 archive related to the CIA project codenamed ‘Pandemic.’ RELEASE: CIA 'Pandemic' Windows infection malware documentation #Vault7 https://t.co/YfxAKT1pog pic.twitter.com/HhmmvUBupi — WikiLeaks (@wikileaks) June 1, 2017 The Pandemic […]

Pierluigi Paganini May 31, 2017
Judy Doesn’t Love You – Judy Malware has a sweet name but may have infected 36 million users

Experts found a new malware, dubbed Judy malware, in the Play Store; it is designed to infect Android devices and generate false clicks on advertisements. Google is suffering once again from malicious software applications found inside popular apps available on Play store. The new malware – code named “Judy” – is designed to infect Android […]

Pierluigi Paganini May 27, 2017
Experts tracked a German hacker behind the spreading of Houdini Worm on Pastebin

Security experts at Recorded Future tracked a German hacker for the propagation of the Houdini worm through Pastebin sites. A German hacker that goes online with the moniker Vicswors Baghdad is responsible for the propagation of the Houdini malware on Pastebin sites. According to the expert at Recorded Future, the same threat actor appears to be […]

Pierluigi Paganini May 25, 2017
Master Keys for Crysis ransomware released on a forum

Researchers at ESET security firm have discovered that someone has released 200 master keys for the latest variants of the prominent Crysis ransomware. While security experts continue to investigate the WannaCry attack, someone has released 200 master keys for the latest variants of the prominent Crysis ransomware. The files encrypted by this version have the .wallet and […]

Pierluigi Paganini May 23, 2017
Expert finds EternalRocks, a malware that uses 7 NSA Hacking Tools

A security expert discovered a new worm, dubbed EternalRocks, that exploits the EternalBlue flaw to spread itself like WannaCry ransomware. The security expert Miroslav Stampar, a member of the Croatian Government CERT, has discovered a new worm, dubbed EternalRocks, that exploits the EternalBlue flaw in the SMB protocol to spread itself like the popular WannaCry ransomware. […]