
Author Archives: Victoria Tom

Recent Posts

CRBR Encryptor: A Ransomware By Any Other Name Would Encrypt as Well

It's not unusual for brands to occasionally have to re-envision themselves. Apparently this applies to legitimate and illicit brands equally.


Qakbot Is Back & Targeting Banking Credentials

Qakbot, also known as Qbot, is a network worm targeting banking credentials. It propagates by copying itself to network drives and infecting removable drives.


Author Releases Private Key Unlocking Petya/GoldenEye Ransomware

In light of the devastating NotPetya attack, the creator of the original Petya ransomware has released his private key for the malware. This means victims of the original Petya attacks (excluding NotPetya) will be able to decrypt their files for free.


Magnitude EK: What's Shakin?

The Magnitude EK, active since 2013, is one of the longest-running exploit kits used, with many of its most recent victims coming from Asia. It is usually seen distributing Cerber ransomware.


Winnti Aims to Win the Game

The Winnti group is a Chinese-linked cybercriminal group that is best known for its 2011 attacks against online video game producers.


A Rough Time for Web-browsing: The RoughTed Campaign

One family of malware that even the most vigilant of users has to be careful of is malvertising. Malvertising's dangers come from the fact that malware infection can occur from visiting a common legitimate website, as the malware is embedded within the ads on the website, rather than the website itself.


RIG Exploit Kit Takedown: Operation Shadowfall

Similar to Terror EK, the RIG EK gained a lot of footing in the EK market after the downfall of the Angler, Neutrino, and Nuclear exploit kits.


DiamondFox Jumps over the Competition

DiamondFox, also known as Gorynych, is a modular malware that highlights the growth of the malware-as-a-service industry. With accessible how-to videos on YouTube showing aspiring cybercriminals how to set up DiamondFox and a user-friendly interface, it’s easy to see how this malware allows even the least sophisticated attacker to potentially compromise victims.


Astrum EK: The Star of the AdGholas Campaign

Astrum Exploit Kit, also known as Stegano, was (until recently) exclusively used in the massive AdGholas malvertising campaign, where it distributed several types of malware, including Ursnif and RAMNIT. The AdGholas campaign, discovered in the summer of 2016, was notable for its use of steganography to hide malicious JavaScript code in ads that redirected victims to a cloned version of a legitimate website.


Terror EK Fails to Scare

After the fall of the popular Angler and Neutrino exploit kits, several different exploit kits have been vying for dominance in the resulting power vacuum.
