Adylkuzz - Quietly Mining Cryptocurrency

In May 2017, the WannaCry ransomware attack was all over the news as what some will say is the biggest cyberattack to date.

DiamondFox Jumps over the Competition

DiamondFox, also known as Gorynych, is a modular malware that highlights the growth of the malware-as-a-service industry. With accessible how-to videos on YouTube showing aspiring cybercriminals how to set up DiamondFox and a user-friendly interface, it’s easy to see how this malware allows even the least sophisticated attacker to potentially compromise victims.

NotPetya Ransomware Attack Hits Europe Moving On To U.S.

NotPetya ransomware, also known as PetrWrap, is a new virus currently ripping through Europe and showing signs of moving on to the U.S. So far, over 2,000 targets have been hit. These include Russia’s top oil producer and Ukrainian banks and the power grid. Attacks have also been noted on the German Metro system, Denmark, France, Spain, and more. The name itself is derived from the original belief that this was a subset of the Petya malware; on closer inspection, Kaspersky Labs has declared that this was incorrect and redubbed the new virus NotPetya.

Bi-Weekly Security Update 6/22/2017

Astrum EK: The Star of the AdGholas Campaign

Astrum Exploit Kit, also known as Stegano, was (until recently) exclusively used in the massive AdGholas malvertising campaign, where it distributed several types of malware, including Ursnif and RAMNIT. The AdGholas campaign, discovered in the summer of 2016, was notable for its use of steganography to hide malicious JavaScript code in ads that redirected victims to a cloned version of a legitimate website.

Terror EK Fails to Scare

After the fall of the popular Angler and Neutrino exploit kits, several different exploit kits have been vying for dominance in the resulting power vacuum.

Kasidet POS Malware Spread Through Fake Security Update

Kasidet (also known as Neutrino Bot) is a malware targeting Point of Sale (POS) devices that performs memory scraping to steal credit card information and browser hooking to steal sensitive data from web browsers on infected devices.

Jaff Ransomware Is Nothing to Laugh About

Jaff ransomware is very similar to other "standard" ransomware in its use of AES encryption to encrypt its victims' files. It’s attributed to the creators of Dridex, Locky and Bart, and has been spreading in high volume through the Necurs botnet.

Steam Stealers Game the System

Steam Stealers is the blanket name given to malware specifically targeting users of the popular gaming platform, Steam.

Bi-Weekly Security Update 6/9/2017

Malicious Content Identified and Inserted:

  • IPs – 609
  • Domains – 1381

New Botnet Targets and more

ThreatSTOP's Security team is adding multiple new targets based on the cybercrime-tracker to our expert and standard lists. These lists will better help our customers defend against various sources of cybercrime.

Darktrack on Track to Success

Darktrack received some publicity in late 2016 for being a free Remote Access Trojan (RAT) that was comparable to some of the top commercially available RATs. Darktrack has the ability to access a victim's webcam, microphone, files, and passwords. It can also execute commands on infected machines, and make infected computers participate in DDoS attacks.

Irena Damsky Speaking About WannaCry at M3AAWG's 40th General Meeting

Come see our Sr. Director of Security Research, Irena Damsky, break down WannaCry's timeline and give an overview of what happened at M3AAWG's 40th General Meeting on Tuesday, June 13th, 17:30 - 18:30, in Lisbon, Portugal.

 

The Agile Mole

Ransomware, to this day, is one of the major threats to individual users, seen on a daily basis in the form of malspam. Recently, researcher Brad Duncan published to malware-traffic-analysis.net a report on a piece of ransomware called Mole. Distributed by malspam that spoofs United States Postal Service (USPS) status updates, the malware escalates its privileges and encrypts user data.
