malware

  1. S

    PCMag: Game of Thrones Torrents are Perfect for Delivering Malware

    This alarmist story is making the rounds everywhere, claiming that downloading GoT torrents is dangerous. https://securitywatch.pcmag.com/malware/310063-game-of-thrones-torrents-are-perfect-for-delivering-malware But is it? Let's dig in a bit more and go to the original Kaspersky report that...
  2. TheOne&OnlyZeke

    Office Depot Fined $25 Million Over Bogus AntiMalware Software

    The FTC has fined Office Depot $25 million over its use of basically fake anti-malware software. "Using a program called PC Health Check, the FTC claimed in its complaint that Office Depot, its subsidiary OfficeMax, and its service provider Support.com ran a program that ostensibly...
  3. DooKey

    Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers

    If you are one of the folks who likes to install the crap that ASUS provides with your motherboard, you might just have a nasty backdoor installing malware. According to Kaspersky Labs, via Motherboard, the ASUS servers were hacked last year and the hackers used them to install malware using the...
  4. AlphaAtlas

    Study Claims 39% of Counter-Strike Servers are Infected With Malware

    In spite of the battle royale craze and a more modern sequel, the original Counter-Strike is still a massively popular game. The FPS had nearly 15,000 concurrent players at the time of this writing, and there are still thousands of registered 3rd party servers. However, a recent study from Dr...
  5. AlphaAtlas

    Malspam Exploits a WinRAR Security Hole

    Last week, researchers unveiled a 19-year-old bug in an ancient ACE archive decompressor that, up until recently, shipped with modern builds of WinRAR. WinRAR's own website suggests that the software has a userbase of over 500 million, and while the latest beta versions of the software have...
  6. cageymaru

    The NSA to Release Free "GHIDRA" Reverse Engineering Tool

    The US National Security Agency (NSA) is scheduled to release the "GHIDRA" reverse engineering tool that allows researchers to disassemble executable files into assembly code that can be read and analysed. This will allow members of cyber defense teams around the world to peer into the inner...
  7. cageymaru

    The U.S. Department of Justice Indicts Two Iranians of Deploying SamSam Ransomware

    The U.S. Department of Justice has unsealed an indictment of two Iranians for computer hacking and deploying a crippling style of ransomware called "SamSam Ransomware" onto American and Canadian public institutions such as hospitals and municipalities. Faramarz Shahi Savandi, 34, and Mohammad...
  8. cageymaru

    The United States DOJ Dismantles International Ad Fraud Cybercriminal Ring

    The United States Department of Justice has arrested three foreign nationals and charged a total of eight people with running an international cybercriminal ring called 3ve that bilked over $30 million from the digital advertising industry. The charges in the 13-count indictment include wire...
  9. cageymaru

    Make-A-Wish Website Was Infected with Cryptocurrency Mining Malware

    The Make-A-Wish website was recently infected with a cryptocurrency mining malware called CoinImp which was hosted by "drupalupdates.tk." Cybercriminals obfuscate malware with various methods that make blacklist solutions obsolete. Trustwave says the injected script was removed. Trustwave SWG...
  10. cageymaru

    A Malware Strain Uses the Windows Installer and Self Destructs to Elude Detection

    A new strain of malware, detected as Coinminer.Win32.MALXMR.TIAOODAM, installs a cryptocurrency miner on a victim's system and uses a Windows Installer MSI file to avoid detection and security filters. It then hides in the AppData folder, which is normally hidden. It password protects some...
  11. cageymaru

    Google Chrome 71 to Block More Intrusive Advertising

    Google Chrome already blocks some bad advertising, but starting in December, Chrome 71 will start removing persistent abusive advertising experiences from a small number of sites. These are ads that intentionally deceive and force users to take actions that may redirect pages. As a result...
  12. cageymaru

    Malware Strains Fight over Access to Android Devices with USB Debugging Mode Open

    Users of Android devices that have left port 5555 for Android Debug Bridge (ADB) mode open are being infected with malware that mines cryptocurrency. Sometimes ADB is left open from the factory or when users customize their phones and forget to disable what is commonly referred to as "USB...
  13. cageymaru

    Hackers Are Selling Access to Private Facebook Data for 10 Cents per Account

    Often politicians, researchers, corporate entities and citizens discuss the human toll of social media hacks and fierce debates ensue from those crimes, pertaining to what private account data is worth. Hackers in Russia have attached a price tag of 10 cents per account as they attempt to sell...
  14. cageymaru

    Chinese Intelligence Officers Conspired to Steal Aviation Turbofan Engine Technology

    Over a period of 5 years, Chinese intelligence officers Zha Rong and Chai Meng, along with other co-conspirators, sought to involve co-opted company insiders to hack and steal sensitive commercial aviation and technological data from firms in the United States and abroad. The intelligence...
  15. cageymaru

    Evidence of Supermicro Infected Hardware Found at U.S. Telecom

    Bloomberg says that security expert Yossi Appleboum has found evidence of altered Supermicro hardware in a major U.S. telecom's network. Mr. Appleboum has worked for the Israeli Army Intelligence Corps and is now co-chief executive officer of Sepio Systems in Gaithersburg, Maryland. His...
  16. cageymaru

    Apple App Store Jewel "Adware Doctor" Pilfered Phone Data to Send to China

    The Adware Doctor app occupied the front page of the Apple App Store as the #4 highest rated app, but it had a dark secret. Instead of removing viruses and malware from iOS devices, it was collecting all browser history, app store purchases, and more to bundle into an encrypted file to be sent...
  17. cageymaru

    Schneider Electric Solar Products Shipped with Malware Installed on USB Drives

    Schneider Electric has become the latest company affected by malware preloaded on their products during manufacture at a third-party supplier's facility. Schneider Electric's Conext ComBox and Conext Battery Monitor are part of their solar systems product lines. Schneider Electric recommends...
  18. FrgMstr

    Your Horoscope Says All Your Money is Going Away

    Lukas Stefanko on Twitter is better at predicting your future than that astrology app 1500 of you just downloaded from Google Play. Seems that he identified more than a few of these horoscope apps that steal your SMS, call logs, and banking credentials. Stefanko has already reported these...
  19. FrgMstr

    Taco Tuesday with Dark Tequila

    Nothing like a good Spearphish Taco on Tuesday! A malware dubbed "Dark Tequila Anejo" has been uncovered in Mexico, and it is just for Mexicans: if the malware is installed outside of Mexico, it is uninstalled remotely from the victim's machine. This malware, which has just been...
  20. FrgMstr

    AI Driven Malware: DeepLocker at DEFCON

    We get some firsthand information from our security man on the ground from DEFCON. Thanks to SCHTASK for the writeup! Of the many briefings I attended at the Blackhat / Defcon conferences of last week, the Deeplocker Briefing presented by IBM resonated with me the most. AI driven technology...
  21. DooKey

    Intel to Use Integrated GPU to Detect Malware Attacks

    Intel has come up with two new efforts to combat malware. The first is called Accelerated Memory Scanning and it will use the integrated GPU of its CPUs to scan memory for malware. Scanning intensity will be adjusted based upon GPU load and can even be turned off if playing a game. An Intel...
  22. DooKey

    Hackers are Selling Backdoors Into PCs for Just $10

    Just the other day we were talking about military documents on the dark web selling for as little as $200 and today the talk is about hackers selling backdoors into PCs for just $10 on the dark web. This latest offer was discovered when researchers at McAfee Labs looked into the sale of remote...
  23. DooKey

    Hackers Using New Macro-Less Techniques to Distribute Malware

    A Malwarebytes security researcher has found a way to embed a specially-crafted settings file in an Office document and this can be used to run malicious code. This kind of exploit is just another example of what's unintentionally available in huge software packages like Windows 10 and Office...
  24. R

    $100 DLC Comes With Password Stealing Malware for DRM

    A few months ago, a Reddit user by the name of crankyrecursion noticed that the A320 addon from FlightSimLabs contained a file called "test.exe." This file turned out to be used to extract a user's passwords from Google Chrome if a pirated key was used, and send your passwords back to...
  25. R

    Install Malware From a Third of a Mile Away

    Cult Of Mac is reporting that a new long range WiFi interception van called WiSear can install malware on an iOS or Android device from a third of a mile away. The van allegedly forces a device to connect to its WiFi access point, and then can use man-in-the-middle attacks to steal data being...
  26. DooKey

    Fake Fortnite Android Apps Spread Across Internet

    YouTube videos that link to scam versions of Fortnite for Android are causing lots of uninformed people to download the app and infect their device with malware. The fact that Google Play Store isn't hosting any of these Fortnite scam apps is the good news. However, these videos keep springing...
  27. DooKey

    VPNFilter Router Malware is a Lot Worse Than Everyone Thought

    A couple of weeks ago we reported about a Russian malware (VPNFilter) that was infecting a large number of routers from different vendors. This week I have bad news to report because this malware is far more widespread than originally thought. More vendors have been added to the vulnerable list...
  28. DooKey

    Firmware Vulnerabilities Disclosed in Supermicro Server Products

    If you own or support Supermicro products you should be aware there are some vulnerabilities in the configuration of some motherboards. This vulnerability can only be exploited if malicious software is already running on the system, but it does have the nasty ability to hide in the...
  29. DooKey

    Steam Client had a Remote Code Execution Vulnerability for at Least 10 Years

    Don't delete your Steam client. The vulnerability has been fixed, but the simple fact of the matter is it was just sitting there for at least ten years. This was a nasty vulnerability that would allow remote code execution on the computer hosting the client. There were no known attacks using...
  30. DooKey

    Nigelthorn Malware Abuses Chrome Extensions to Cryptomine and Steal Data

    A new zero-day malware threat is going around and it takes advantage of social-engineering on Facebook to infect users with an abused Chrome extension. The new malware cryptomines and steals data from those that are fooled by the Facebook links. What makes this really bad is the fact that it...
  31. DooKey

    Author of TreasureHunter PoS Malware Releases Its Source Code

    Thanks to the author of TreasureHunter PoS malware the source code for this is now available in the wild. This malware was previously used by a Russian-speaking group named Bearsinc to steal CC data. Now that the source is available to all we can probably expect many groups to modify the code...
  32. DooKey

    Boeing Hit by WannaCry Virus but it Caused Little Damage

    Yesterday Boeing was hit with the WannaCry virus (site detects ad blockers) and early reports said it could seriously hamper their ability to produce aircraft. However, the company has stated that little damage was done and they don't expect any production impact at this time. While it's good...
  33. DooKey

    Don't Forget to Type the "O" When Typing .com or Else

    Apparently the self-proclaimed Spam King has gobbled up lots of .cm domains and they love to dish out malware. People around the web are finding this out in a bad way and their computers are getting hit with all sorts of garbage. Furthermore, these sites appear to automatically remove their...
  34. R

    Kaspersky Lab Open-Sources its Threat-Hunting Tool

    DARKReading is reporting that Kaspersky Lab has made its threat hunting tool KLara available for open source. The tool runs multiple YARA identifier rules from multiple databases simultaneously. The open source tool is available now on GitHub. Very cool of Kaspersky open-sourcing this. Many...
  35. DooKey

    Purdue Researchers Develop Software That Stops Disk-Wipe Malware

    Purdue researchers have come up with a way to block disk-wipe malware from carrying out its dirty mission and they call it R2D2. R2D2 is short for Reactive Redundancy for Data Destruction Protection and it can analyze write buffers before they take action and then block destructive writes. All...
  36. R

    Research Finds Visiting Pirate Sites Leads to More Malware

    TorrentFreak is reporting that new research shows that more time spent on pirate sites leads to more malware. In a paper published by Carnegie Mellon University titled "Does Online Piracy make Computers Insecure?" they observed the computer habits of 253 people, and found that doubling...
  37. DooKey

    Google Tricked Again Into Serving Up Scam Amazon Ads

    Those wily scammers have once again tricked Google into serving up a scam Amazon ad. This one showed up at the top of the search list and looked like a normal Amazon ad, and once you clicked it you were sent to a page that mimicked Apple or Windows support pages and told you your computer was...
  38. R

    Robots Want Bitcoins Or They Will Kill Us All!

    In an interesting blog post from IOActive, they have created a proof of concept ransomware attack on robots. Robots are getting more and more common, in businesses, homes, and schools. The SoftBank Pepper robot has over 20,000 units in use in businesses, and the NAO has over 10,000. These robots...
  39. DooKey

    You Might Have a 50/50 Chance to get Your Data Back if You Pay That Ransom

    According to a survey sent to 1,200 IT security personnel and decision makers around the world only about half of those who paid the ransom after being infected by ransomware were able to get their data back. The reasons for this are multiple, but the moral to this story is back up your data...
  40. R

    POS Malware Discovered at Applebee's

    In a report from Threatpost, it appears that malware was discovered on the point of sale systems at more than 160 Applebee's restaurants. The stores are all owned by RHM Franchise Holdings, who said it recently discovered the malware that may have enabled hackers to steal guests' names, credit...