RSS Reader for Computer Security Articles
Credit to Author: Thomas Reed| Date: Mon, 29 Oct 2018 17:20:00 +0000
 | |
| A Mac application named CoinTicker has been found installing two different backdoors, capable of keylogging, data theft, execution of arbitrary commands, and more. Categories: Tags: backdoorcryptocurrencycryptominingevileggmacmac backdoormac cryptocurrency |
The post Mac cryptocurrency ticker app installs backdoors appeared first on Malwarebytes Labs.
Read MoreCredit to Author: Malwarebytes Labs| Date: Wed, 28 Mar 2018 16:00:00 +0000
 | |
| QuantLoader is a Trojan downloader that has been used in campaigns serving a range of malware, including ransomware, Banking Trojans, and RATs. In this post, we’ll take a high-level look at the campaign flow, as well as a deep dive into how the malware executes. Categories: Tags: backdoormalware analysisQuantLoaderQuantLoader Trojantrojan |
The post An in-depth malware analysis of QuantLoader appeared first on Malwarebytes Labs.
Read More
Credit to Author: Louise Matsakis| Date: Tue, 14 Nov 2017 18:07:52 +0000
A pre-installed factory app called Engineer Mode can root devices.
Read MoreCredit to Author: William Tsing| Date: Tue, 25 Jul 2017 15:00:18 +0000
 | |
| There’s been a lot of talk recently about encryption and how law enforcement can’t convict criminals without encryption keys. We beg to differ. Categories: Tags: backdoorencryptiongovernmentlaw enforcementprivacy |
The post Going dark: encryption and law enforcement appeared first on Malwarebytes Labs.
Read MoreCredit to Author: Thomas Reed| Date: Mon, 08 May 2017 17:04:43 +0000
 | |
| The website of the popular HandBrake DVD-ripping app has been hacked, and for 4 days, a maliciously-modified copy of the app was installing a new variant of the mysterious Proton malware. Categories: Tags: apple phishingbackdoorEric Petithandbrake hackmacmac backdoormalwarephishproton |
The post HandBrake hacked to drop new variant of Proton malware appeared first on Malwarebytes Labs.
Read MoreWe have recently observed that spam campaigns are now using JavaScript attachments aside from Office files. The purpose of the code is straightforward. It downloads and runs other malware. Some of the JavaScript downloaders that we’ve seen are: TrojanDownloader:JS/Swabfex TrojanDownloader:JS/Nemucod TrojanDownloader:JS/Locky The same JavaScript downloaders are also responsible for spreading the following ransomware: Ransom:Win32/Tescrypt Ransom:Win32/Locky…
Read MoreAs part of our ongoing effort to provide better malware protection, the Microsoft Malicious Software Removal Tool (MSRT) release this April will include detections for: Win32/Bedep – Trojan family Win32/Upatre – Trojan family Ransom:MSIL/Samas – Ransomware family In this blog, we’ll focus on the Bedep family of trojans. The bothersome Bedep Win32/Bedep was first…
Read More