Indicators of compromise – Computer Security Articles

MalwareBytes Security

Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT

September 26, 2018 admin anti exploit, CVE-2018-8174, CVE-2018-8373, exploit, Exploits, Indicators of compromise, IOC, IOCs, Pastebin, patch, quasar, Rat, remote administration tool, Threat analysis, virustotal, vulnerabilities, Vulnerability

Credit to Author: Jérôme Segura| Date: Wed, 26 Sep 2018 17:13:26 +0000

A threat actor implements a newer vulnerability exploited in Internet Explorer to serve up the Quasar RAT and diversify the portfolio of attacks.

Categories:

Tags: anti exploit CVE-2018-8174 CVE-2018-8373 exploit Indicators of compromise IOC IOCs pastebin patch Quasar rat remote administration tool virustotal vulnerabilities vulnerability

(Read more…)

The post Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT appeared first on Malwarebytes Labs.

MalwareBytes Security

Mass WordPress compromises redirect to tech support scams

September 20, 2018 admin bitcoin, Bitcoin Code, browlock, Indicators of compromise, injections, JavaScript, Social engineering, tech support scams, Threat analysis, TSS, wordpress, Zues

Credit to Author: Jérôme Segura| Date: Thu, 20 Sep 2018 17:42:47 +0000

Thousands of WordPress sites have been injected with the same malicious redirection. We review the infection details and the malicious traffic leading to browser lockers.

Categories:

Tags: bitcoin Bitcoin Code browlock Indicators of compromise injections JavaScript tech support scams TSS wordpress Zues

(Read more…)

The post Mass WordPress compromises redirect to tech support scams appeared first on Malwarebytes Labs.

MalwareBytes Security

Partnerstroka: Large tech support scam operation features latest browser locker

September 13, 2018 admin Blogger redirects, browlock, browlocks, browser locker, browser lockers, cybercrime, Decoy sites, GoDaddy, HTTP authentication, Indicators of compromise, IOC, IOCs, malicious pop-ups, malvertising, Malwarebytes Browser Extension, Malwarebytes Browser Extensions, Partnerstroka, rogue tech support ads, Social engineering, stroka, tech support, tech support scams, TSS

Credit to Author: Jérôme Segura| Date: Thu, 13 Sep 2018 15:00:00 +0000

Tech support scammers belonging to the Partnerstroka group are once again abusing browsers, this time with a new browlock feature to reel in more victims, in one of the biggest campaigns we’ve ever tracked.

Categories:

Tags: Blogger redirects browlock browlocks browser locker browser lockers Decoy sites GoDaddy HTTP authentication Indicators of compromise IOC IOCs malicious pop-ups malvertising Malwarebytes Browser Extension Malwarebytes Browser Extensions Partnerstroka rogue tech support ads stroka tech support tech support scams TSS

(Read more…)

The post Partnerstroka: Large tech support scam operation features latest browser locker appeared first on Malwarebytes Labs.