In May 2017, the WannaCry Ransomware Attack was all over the news being, what some will say, is the biggest cyberattack to date.
Read More
DiamondFox, also known as Gorynych, is a modular malware that highlights the growth of the malware-as-a-service industry. With accessible how-to videos on YouTube showing aspiring cybercriminals how to set up DiamondFox and a user-friendly interface, it’s easy to see how this malware allows even the least sophisticated attacker to potentially compromise victims.
Read MoreShare this:
NotPetya ransomware, also known at PetrWrap, is a new virus currently ripping through Europe and is showing signs of moving onto the U.S. So far over 2,000 targets have been hit. These include Russia’s top oil producer, and Ukrainian Banks and Power Grid. Attacks have also been noted on the German Metro system, Denmark, France, Spain, and more. The name itself is derived from the original belief that this was a subset of the Petya malware on closer inspection, Kaspersky Labs has declared that this was incorrect and redubbed the new virus NotPetya.
Read MoreShare this:
Astrum Exploit Kit, also known as Stegano, was (until recently) exclusively used in the massive AdGholas malvertising campaign, where it distributed several types of malware, including Ursnif and RAMNIT. The AdGholas campaign, discovered in the summer of 2016, was notable for its use of steganography to hide malicious JavaScript code in ads that redirected victims to a cloned version of a legitimate website.
Read MoreShare this:
After the fall of the popular Angler and Neutrino exploit kits, several different exploit kits have been vying for dominance in the resulting power vacuum.
Read MoreShare this:
Kasidet (also known as Neutrino Bot) is a malware targeting Point of Sale (POS) devices that performs memory scraping to steal credit card information and browser hooking to steal sensitive data from web browsers on infected devices.
Read MoreShare this:
Jaff ransomware is very similar to other "standard" ransomware in its use of AES encryption to encrypt its victim's files. It’s
attributed to the creators of Dridex, Locky and Bart, and has been spreading in high volume through the Necurs botnet.
Read More
Share this:
Steam Stealers is the blanket name given to malware specifically targeting users of the popular gaming platform, Steam.
Read MoreShare this:
Share this:
ThreatSTOP's Security team is adding multiple new targets based on the cybercrime-tracker to our expert and standard lists. These lists will better help our customers against various sources of cybercrime.
Read MoreShare this:
Darktrack received some publicity in late 2016 for being a free Remote Access Trojan (RAT) that was comparable to some of the top commercially available RATs. Darktrack has the ability to access a victim's webcam, microphone, files, and passwords. It can also execute commands on infected machines, and make infected computers participate in DDoS attacks.
Read MoreShare this:
Come see our Sr. Director of Security Research, Irena Damsky, break down WannaCry's timeline and give an overview of what happened at M3AAWG's 40th General Meeting on Tuesday, June 13th, 17:30 - 18:30, in Lisbon, Portugal.
Read More
Share this:
Ransomware, to this day, is one of the major threats to individual users seen on a daily basis in the form of Malspam. Recently, researcher Brad Duncan published to malware-traffic-analysis.net a report on a piece of Ransomware called Mole. Distributed by Malspam that spoofs United States Postal Service (USPS) status updates, the malware gains privilege escalation and encrypts user data.
Read More