Magecart criminals caught stealing with their poker face on

Credit to Author: Jérôme Segura| Date: Tue, 20 Aug 2019 15:00:38 +0000

This blog post details the curious case of a web skimmer encountered in a poker application.

The post Magecart criminals caught stealing with their poker face on appeared first on Malwarebytes Labs.

The Hidden Bee infection chain, part 1: the stegano pack

Credit to Author: hasherezade| Date: Thu, 15 Aug 2019 15:26:55 +0000

The Hidden Bee cryptominer has a complex and multi-layered internal structure that is unusual among cybercrime toolkits. That’s why we’re dedicating a series of posts to exploring its elements and updates made during one year of its evolution.

The post The Hidden Bee infection chain, part 1: the stegano pack appeared first on Malwarebytes Labs.

Say hello to Lord Exploit Kit

Credit to Author: Jérôme Segura| Date: Fri, 02 Aug 2019 18:15:24 +0000

In this blog, we take a look at a new exploit kit distributed via malvertising that calls itself Lord EK.

The post Say hello to Lord Exploit Kit appeared first on Malwarebytes Labs.

Exploit kits: summer 2019 review

Credit to Author: Jérôme Segura| Date: Tue, 30 Jul 2019 16:20:33 +0000

In this edition of our seasonal review of exploit kits, we review active and unique EKs hitting consumers and businesses over the summer 2019 season.

The post Exploit kits: summer 2019 review appeared first on Malwarebytes Labs.

A deep dive into Phobos ransomware

Credit to Author: hasherezade| Date: Wed, 24 Jul 2019 18:09:33 +0000

We take an in-depth look at Phobos ransomware, which threat actors distribute via RDP, and examine its similarities with Dharma (AKA CrySis) ransomware.

The post A deep dive into Phobos ransomware appeared first on Malwarebytes Labs.

Fake jquery campaign leads to malvertising and ad fraud schemes

Credit to Author: Jérôme Segura| Date: Thu, 27 Jun 2019 16:14:35 +0000

We look for answers in a long-running and yet mysterious malware campaign that has compromised thousands of websites to date.

The post Fake jquery campaign leads to malvertising and ad fraud schemes appeared first on Malwarebytes Labs.

GreenFlash Sundown exploit kit expands via large malvertising campaign

Credit to Author: Jérôme Segura| Date: Wed, 26 Jun 2019 18:30:48 +0000

The GreenFlash exploit kit, which we typically saw targeting South Korean users, has expanded globally through a large malvertising campaign via a popular website.

The post GreenFlash Sundown exploit kit expands via large malvertising campaign appeared first on Malwarebytes Labs.

Magecart skimmers found on Amazon CloudFront CDN

Credit to Author: Jérôme Segura| Date: Tue, 04 Jun 2019 15:00:22 +0000

Not all breaches on Content Delivery Networks (CDNs) result in supply-chain attacks, yet CDNs are often a forgotten entry point for attackers to slip in malicious code, such as web skimmers.

The post Magecart skimmers found on Amazon CloudFront CDN appeared first on Malwarebytes Labs.

Hidden Bee: Let’s go down the rabbit hole

Credit to Author: hasherezade| Date: Fri, 31 May 2019 17:32:57 +0000

The complex and sophisticated custom malware, Hidden Bee, is a Chinese cryptominer that recently released an updated sample. We unpack the sample to look at the functionality of its loader and compare it against earlier versions.

The post Hidden Bee: Let’s go down the rabbit hole appeared first on Malwarebytes Labs.

Medical industry struggles with PACS data leaks

Credit to Author: Vasilios Hioureas| Date: Fri, 24 May 2019 18:05:21 +0000

PACS servers are often used to store and transmit patient data. But how is their security implemented? We take a look at a case of how a poor setup can easily lead to data leaks.

The post Medical industry struggles with PACS data leaks appeared first on Malwarebytes Labs.

Threat spotlight: CrySIS, aka Dharma ransomware, causing a crisis for businesses

Credit to Author: Pieter Arntz| Date: Wed, 15 May 2019 16:02:13 +0000

CrySIS, aka Dharma, is a ransomware family making waves over the last two months, often being used in targeted attacks through RDP access. What other tricks are up its sleeve?

The post Threat spotlight: CrySIS, aka Dharma ransomware, causing a crisis for businesses appeared first on Malwarebytes Labs.
