Malware

Pierluigi Paganini November 18, 2016
Mirai botnet leverages STOMP Protocol to power DDoS attacks

Cyber criminals are exploiting the capability of the Mirai botnet to use the STOMP Protocol to launch massive DDoS attacks. The Linux Mirai IoT malware is one of the most popular cyber threats in the moment, its botnet was used to power the massive attacks against the Dyn DNS service, OVH, Brian Krebs’ blog, and likely […]

Pierluigi Paganini November 17, 2016
CryptoLuck Ransomware spread through the RIG-E Exploit Kit

CryptoLuck ransomware is a new strain of malware discovered by the researcher Kafeine, that is being distributed via the RIG-E exploit kit. The notorious researcher Kafeine has spotted a new strain of ransomware dubbed CryptoLuck. The malware leverages DLL hijacking and exploits the legitimate GoogleUpdate.exe executable to infect computers. The ransomware appends the .[victim_id]_luck extension to the encrypted […]

Pierluigi Paganini November 15, 2016
Ransomware: How to recover your encrypted files, the last guide.

In this guide, we will explain how to recover encrypted files focusing on the Data-Locker Ransomware that targets the Windows operating system. Why my system asks me to pay? A ransomware is a computer malware that limits the access of a system and ask for a ransom in order to remove that restriction. The restriction […]

Pierluigi Paganini November 15, 2016
CrySis ransomware decryption keys published online

The decryption keys for the CrySis ransomware were posted online on the BleepingComputer.com forum by a user known as crss7777. Good news for the victims of the CrySis ransomware, on Sunday the master decryption keys were released to the public. Security experts from Kaspersky Lab have already included the decryption keys in the Rakhni decryptor allowing victims […]

Pierluigi Paganini November 11, 2016
Telecrypt ransomware abuses Telegram Messenger’s communication protocol

Telecrypt ransomware is a new malware that abuses the instant messaging service Telegram for command and control (C&C) communications. Security experts from Kaspersky Lab have spotted a new Ransomware, called Telecrypt (Trojan-Ransom.Win32.Telecrypt), that abuses the Telegram instant messaging service for communications with command and control (C&C). The Delphi-written Trojan, which is currently targeting only Russian users, it exploits […]

Pierluigi Paganini November 10, 2016
MalwareMustDie is closed for protest against the NSA

The Legendary Blog of MalwareMustDie is closed for protest against NSA hacking trace of educational and public servers of harmless countries. The Shadow Brokers, the hacker group that hacked NSA hackers, who have previously released NSA hacking tools for anyone to download, published more files containing the IP address of 49 countries that have been […]

Pierluigi Paganini November 09, 2016
Malvertising campaign delivered Android Svpeng Trojan via a zero-day in Chrome

Kaspersky discovered a new strain of the Svpeng Trojan delivered through popular news websites using Google’s AdSense via a zero-day in Chrome. Crooks exploited a Chrome Zero-Day vulnerability to deliver the Android Svpeng Trojan to Android users via Google AdSense. The Svpeng Trojan is not a new threat, it was first spotted by Kaspersky Lab in July 2013 when threat […]

Pierluigi Paganini November 08, 2016
Technical analysis of the Locker virus on mobile phones

Security experts from Cheetah Mobile Security Research Lab published an interesting Technical analysis of the mobile variant of the Locker virus. Blatant malicious behavior of the Locker virus The Locker virus can easily be identified by its blatant malicious behavior. Here are the tell-tail signs: Windows appear on the top of the home screen that […]

Pierluigi Paganini November 06, 2016
Commercial Exaspy spyware used to target high-level executives

Security researchers at Skycure have discovered a new commodity Android Spyware, dubbed Exaspy, targeting high-level executives. While in many countries the number of Smartphone and Tables is greater of desktop PC, new threats are targeting mobile devices. Researchers at Skycure have discovered a new strain of Android spyware, dubbed Exaspy, that has been used in targeted attacks against […]

Pierluigi Paganini November 04, 2016
Malware used to spy Iran’s nuclear negotiations in the Geneve’s venue

Switzerland’s attorney general has confirmed to have investigated the presence of spyware in a venue that also hosted talks on Iran’s nuclear negotiations. Swiss officials confirmed to have found an espionage malware in the computer equipment at Geneva venue, a five-star hotel (believed to be Hotel Président Wilson)  that has hosted sensitive talks including Iranian nuclear negotiations. […]