Fake browser update seeks to compromise more MikroTik routers

Credit to Author: Malwarebytes Labs| Date: Fri, 12 Oct 2018 15:00:06 +0000

Threat actors are social engineering users with a fake update that, once installed, will scan the Internet in an attempt to exploit vulnerable MikroTik routers.

The post Fake browser update seeks to compromise more MikroTik routers appeared first on Malwarebytes Labs.

Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT

Credit to Author: Jérôme Segura| Date: Wed, 26 Sep 2018 17:13:26 +0000

A threat actor implements a newer vulnerability exploited in Internet Explorer to serve up the Quasar RAT and diversify the portfolio of attacks.

The post Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT appeared first on Malwarebytes Labs.

Mass WordPress compromises redirect to tech support scams

Credit to Author: Jérôme Segura| Date: Thu, 20 Sep 2018 17:42:47 +0000

Thousands of WordPress sites have been injected with the same malicious redirection. We review the infection details and the malicious traffic leading to browser lockers.

The post Mass WordPress compromises redirect to tech support scams appeared first on Malwarebytes Labs.

Mac App Store apps are stealing user data

Credit to Author: Thomas Reed| Date: Fri, 07 Sep 2018 17:08:24 +0000

There are several apps in the Mac App Store that are collecting data about users that they should not be collecting. Here’s what you need to know.

The post Mac App Store apps are stealing user data appeared first on Malwarebytes Labs.

Reversing malware in a custom format: Hidden Bee elements

Credit to Author: hasherezade| Date: Thu, 30 Aug 2018 15:41:34 +0000

When we recently analyzed payloads related to Hidden Bee (dropped by the Underminer EK), we noticed something unusual. After reversing the malware, we discovered that its authors actually created their own executable format. Follow our step-by-step analysis for a closer look.

The post Reversing malware in a custom format: Hidden Bee elements appeared first on Malwarebytes Labs.

Fileless malware: getting the lowdown on this insidious threat

Credit to Author: Vasilios Hioureas| Date: Wed, 29 Aug 2018 16:48:35 +0000

In this series of articles, we provide an in-depth discussion of fileless malware and its related attacks. In part one, we give a brief overview of the problems with and general features of fileless malware, laying the groundwork for technical analysis of various samples employing fileless and semi-fileless methods.

The post Fileless malware: getting the lowdown on this insidious threat appeared first on Malwarebytes Labs.

Process Doppelgänging meets Process Hollowing in Osiris dropper

Credit to Author: hasherezade| Date: Mon, 13 Aug 2018 18:29:57 +0000

Process Doppelgänging, a rare technique of impersonating a process, was discovered last year, but hasn’t been seen much in the wild since. It was an interesting surprise, then, to discover its use mixed in with Process Hollowing, yet another technique, in a dropper for the Osiris banking Trojan.

The post Process Doppelgänging meets Process Hollowing in Osiris dropper appeared first on Malwarebytes Labs.

Exploit kits: summer 2018 review

Credit to Author: Jérôme Segura| Date: Tue, 07 Aug 2018 15:00:00 +0000

Just like the beach, the EK landscape got a little crowded this summer. Find out what we discovered in our exploit kits summer review.

The post Exploit kits: summer 2018 review appeared first on Malwarebytes Labs.

‘Hidden Bee’ miner delivered via improved drive-by download toolkit

Credit to Author: Malwarebytes Labs| Date: Thu, 26 Jul 2018 21:00:22 +0000

Threat actors switch to the Hidden Bee miner as a payload for this unusual and complex drive-by download campaign.

The post ‘Hidden Bee’ miner delivered via improved drive-by download toolkit appeared first on Malwarebytes Labs.

New strain of Mac malware Proton found after two years

Credit to Author: Thomas Reed| Date: Tue, 24 Jul 2018 15:00:00 +0000

A new variant of the Mac malware Proton, which was rampant on macOS last year, has been found, dating back at least two years. Learn how this could still affect your Mac today.

The post New strain of Mac malware Proton found after two years appeared first on Malwarebytes Labs.

Magniber ransomware improves, expands within Asia

Credit to Author: Malwarebytes Labs| Date: Mon, 16 Jul 2018 17:00:16 +0000

After a controlled delivery focused on South Korea, an upgraded Magniber ransomware is now affecting other Asian countries.

The post Magniber ransomware improves, expands within Asia appeared first on Malwarebytes Labs.
