Credit to Author: Ghanshyam More| Date: Fri, 14 Dec 2018 10:59:58 +0000
For several months, Quick Heal Security Labs has been observing an increase in ransomware, we have found one more interesting ransomware which encrypts files and adds extension “.katyusha” and demands for an amount of 0.5 btc within three days and threatens to release the data to public download if the ransom is not…
Read moreCredit to Author: Malwarebytes Labs| Date: Mon, 17 Sep 2018 15:56:14 +0000
 | |
| A roundup of the security news from September 10–16, including omnichannel fraud, ways to get back at scammers, the security of 2FA, and partnerstrokas. Categories: Tags: 2faa week in securityAndroidandroid browserbanking Trojanbanking Trojansbotnetshmrc phishmicrosoftomnichannel fraudphishingportable routerproject verifyram nitRamnit Trojanransomwarerecaprecon malwarescammersecurity of portable routertech support scamtech support scamstortrojantwo-factor authenticationweekly blog roundup |
The post A week in security (September 10 – 16) appeared first on Malwarebytes Labs.
Read moreCredit to Author: hasherezade| Date: Mon, 13 Aug 2018 18:29:57 +0000
 | |
| Process doppleganging, a rare technique of impersonating a process, was discovered last year, but hasn’t been seen much in the wild since. It was an interesting surprise, then, to discover its use mixed in with Process Hollowing, yet another technique, in a dropper for the Osiris banking Trojan. Categories: Tags: dropperkronososirisOsiris dropperprocess dopplegangingtrojan |
The post Process Doppelgänging meets Process Hollowing in Osiris dropper appeared first on Malwarebytes Labs.
Read moreCredit to Author: hasherezade| Date: Thu, 09 Aug 2018 18:52:57 +0000
| |
| Process doppleganging, a rare technique of impersonating a process, was discovered last year, but hasn’t been seen much in the wild since. It was an interesting surprise, then, to discover its use in a dropper of the Osiris banking Trojan. We unpack the code to show how malware authors used this process. Categories: Tags: dropperkronososirisOsiris dropperprocess dopplegangingtrojan |
The post Osiris dropper found using process doppelgänging appeared first on Malwarebytes Labs.
Read moreCredit to Author: Preksha Saxena| Date: Tue, 10 Jul 2018 12:16:26 +0000
Since the past few weeks, Quick Heal Security Labs has been observing a series of interesting malware blocked at our customer end. The further analysis of the malware ‘t.exe’ revealed that the malware seems to be Trojan dropper. Interestingly, this multipurpose malware is downloading a ransomware component, a crypto-mining malware…
Read moreCredit to Author: Nathan Collier| Date: Wed, 20 Jun 2018 19:00:41 +0000
 | |
| The extremely popular video game Fortnite is coming to Android sometime this summer, and the fanbase is going wild. Not surprisingly, mobile malware developers are taking advantage. Already, there are several videos on YouTube with links claiming to be versions of Fortnite for Android. Spoiler alert: they’re fake. Categories: Tags: AndroidfakeappFakeFortnitefortniteMobiletrojan |
The post Fake Fortnite for Android links found on YouTube appeared first on Malwarebytes Labs.
Read moreCredit to Author: Malwarebytes Labs| Date: Wed, 28 Mar 2018 16:00:00 +0000
 | |
| QuantLoader is a Trojan downloader that has been used in campaigns serving a range of malware, including ransomware, Banking Trojans, and RATs. In this post, we’ll take a high-level look at the campaign flow, as well as a deep dive into how the malware executes. Categories: Tags: backdoormalware analysisQuantLoaderQuantLoader Trojantrojan |
The post An in-depth malware analysis of QuantLoader appeared first on Malwarebytes Labs.
Read moreCredit to Author: Nathan Collier| Date: Wed, 07 Feb 2018 19:30:00 +0000
 | |
| Recently, we discovered a gold mine of fake hack apps that mine for Monero cryptocurrency and serve up annoying adware. Categories: Tags: adwareAndroidcoin hivecoin minershackhack appMobiletrojan |
The post Bogus hack apps hack users back for cryptocash appeared first on Malwarebytes Labs.
Read more