Meet Extenbro, a new DNS-changer Trojan protecting adware

Credit to Author: Pieter Arntz| Date: Mon, 15 Jul 2019 14:54:00 +0000

We found a new Trojan that uses aggressive techniques, including blocking access to security sites, to deliver an adware bundler. Read up on what Extenbro can do and how to get this pest off your system.

The post Meet Extenbro, a new DNS-changer Trojan protecting adware appeared first on Malwarebytes Labs.

Adware and PUPs families add push notifications as an attack vector

Credit to Author: Pieter Arntz| Date: Thu, 13 Jun 2019 18:36:14 +0000

Push notifications are being added to the arsenal of PUPs, adware, and even a Trojan browser extension that spams Facebook groups.

The post Adware and PUPs families add push notifications as an attack vector appeared first on Malwarebytes Labs.

Emotet revisited: pervasive threat still a danger to businesses

Credit to Author: Pieter Arntz| Date: Thu, 14 Mar 2019 15:00:00 +0000

Emotet is often mentioned as one of the most annoying, effective, and costly present-day malware infections. We discuss the reasons why and the proper way to remove it.

The post Emotet revisited: pervasive threat still a danger to businesses appeared first on Malwarebytes Labs.

Sophisticated Ransomware : “Katyusha”

Credit to Author: Ghanshyam More| Date: Fri, 14 Dec 2018 10:59:58 +0000

For several months, Quick Heal Security Labs has been observing an increase in ransomware. We have found one more interesting ransomware, which encrypts files, adds the extension “.katyusha”, demands 0.5 BTC within three days, and threatens to release the data for public download if the ransom is not…

A week in security (September 10 – 16)

Credit to Author: Malwarebytes Labs| Date: Mon, 17 Sep 2018 15:56:14 +0000

A roundup of the security news from September 10–16, including omnichannel fraud, ways to get back at scammers, the security of 2FA, and partnerstrokas.

The post A week in security (September 10 – 16) appeared first on Malwarebytes Labs.

Process Doppelgänging meets Process Hollowing in Osiris dropper

Credit to Author: hasherezade| Date: Mon, 13 Aug 2018 18:29:57 +0000

Process Doppelgänging, a rare technique of impersonating a process, was discovered last year, but hasn’t been seen much in the wild since. It was an interesting surprise, then, to discover its use mixed in with Process Hollowing, yet another technique, in a dropper for the Osiris banking Trojan.

The post Process Doppelgänging meets Process Hollowing in Osiris dropper appeared first on Malwarebytes Labs.

Osiris dropper found using process doppelgänging

Credit to Author: hasherezade| Date: Thu, 09 Aug 2018 18:52:57 +0000

Process Doppelgänging, a rare technique of impersonating a process, was discovered last year, but hasn’t been seen much in the wild since. It was an interesting surprise, then, to discover its use in a dropper of the Osiris banking Trojan. We unpack the code to show how malware authors used this process.

The post Osiris dropper found using process doppelgänging appeared first on Malwarebytes Labs.
