Process Doppelgänging meets Process Hollowing in Osiris dropper

Credit to Author: hasherezade | Date: Mon, 13 Aug 2018 18:29:57 +0000

Process doppelganging, a rare technique of impersonating a process, was discovered last year, but hasn’t been seen much in the wild since. It was an interesting surprise, then, to discover its use mixed in with Process Hollowing, yet another technique, in a dropper for the Osiris banking Trojan.

The post Process Doppelgänging meets Process Hollowing in Osiris dropper appeared first on Malwarebytes Labs.

Exploit kits: summer 2018 review

Credit to Author: Jérôme Segura | Date: Tue, 07 Aug 2018 15:00:00 +0000

Just like the beach, the EK landscape got a little crowded this summer. Find out what we discovered in our exploit kits summer review.

‘Hidden Bee’ miner delivered via improved drive-by download toolkit

Credit to Author: Malwarebytes Labs | Date: Thu, 26 Jul 2018 21:00:22 +0000

Threat actors switch to the Hidden Bee miner as a payload for this unusual and complex drive-by download campaign.

New strain of Mac malware Proton found after two years

Credit to Author: Thomas Reed | Date: Tue, 24 Jul 2018 15:00:00 +0000

A new variant of the Mac malware Proton, which was rampant on macOS last year, has been found dating back to at least two years ago. Learn how this could still affect your Mac today.

Magniber ransomware improves, expands within Asia

Credit to Author: Malwarebytes Labs | Date: Mon, 16 Jul 2018 17:00:16 +0000

After a controlled delivery focused on South Korea, an upgraded Magniber ransomware is now affecting other Asian countries.

SamSam ransomware: controlled distribution for an elusive malware

Credit to Author: Malwarebytes Labs | Date: Tue, 19 Jun 2018 16:14:30 +0000

SamSam ransomware is a unique malware for its explicit human interaction on selected targets and care to erase most of its tracks.

Obfuscated Coinhive shortlink reveals larger mining operation

Credit to Author: Jérôme Segura | Date: Tue, 03 Jul 2018 15:00:00 +0000

A web miner injected into compromised sites is just the tip of the iceberg for an infrastructure hosting malicious Windows and Linux coin miners.

New macro-less technique to distribute malware

Credit to Author: Jérôme Segura | Date: Mon, 02 Jul 2018 21:12:47 +0000

The latest macro-less technique to distribute malware via Office documents does not involve exploits. Just a little bit of social engineering.

SamSam ransomware: controlled distribution for an elusive malware

Credit to Author: Malwarebytes Labs | Date: Mon, 18 Jun 2018 19:30:53 +0000

SamSam ransomware is a unique malware for its explicit human interaction on selected targets and care to erase most of its tracks.

Malware analysis: decoding Emotet, part 2

Credit to Author: Vishal Thakur | Date: Thu, 07 Jun 2018 15:00:00 +0000

In part two of our series on decoding Emotet, we analyze the PowerShell code flow and structure. We also reconstruct the command-line arguments—for fun!

Instagram story spam claims free Apple Watch

Credit to Author: Christopher Boyd | Date: Thu, 31 May 2018 15:00:00 +0000

We take a look at Instagram story spam leading to a “free Apple Watch” giveaway on a recently compromised celebrity account.
