Tag: malware

  • VB2017 video: Client Maximus raises the bar

    Brazil has long been known as a hotbed of cybercrime, but what makes the country especially unique is that a lot of this cybercrime is inwards-focused. Thus there are many malware strains written explicitly to target the country. One of them is Client Maximus, a banking trojan discovered in 2017 by researchers from IBM Trusteer…

  • Malware authors’ continued use of stolen certificates isn’t all bad news

    A malware campaign has been using code-signing certificates stolen from Taiwanese companies to sign its samples, ESET researcher and regular VB conference speaker Anton Cherepanov writes. Malware signed with stolen certificates isn’t a new phenomenon. Stuxnet famously used stolen certificates, also from Taiwanese companies, and in 2016 Symantec wrote about a malware campaign that…

  • .SettingContent-ms files remind us that it is features, not bugs we should be most concerned about

    One of the most significant developments in the threat landscape in recent years has been the return of malicious Office macros, their resurgence having started four years ago. Unlike their predecessors from the 1990s, these macros can’t run automatically, but require the user to explicitly enable macros. This obviously mitigates the damage quite a…

  • XMRig used in new macOS cryptominer

    Users complaining on Apple’s official discussion forum about processes that use a lot of CPU have led to the discovery of a new piece of cryptocurrency-mining malware on macOS that is based on XMRig, Malwarebytes researcher Thomas Reed writes. The open-source XMRig Monero miner is widely used for both benign and malicious purposes.…

  • GravityRAT malware takes your system’s temperature

    Cisco Talos researchers Warren Mercer and Paul Rascagnères recently discovered and analysed ‘GravityRAT’, an advanced Remote Access Trojan (RAT) that appears to have been used in targeted attacks against organizations in India. Analysis of this piece of malware gives an interesting insight into the current state of malware development. The malware is delivered through a…

  • Using Mailchimp makes malware campaigns a little bit more successful

    Sending one email is easy. Sending thousands or millions of emails is hard: one effect of the anti-spam infrastructure we have collectively built is that the process of sending email scales very badly (even for those who only send legitimate messages). This is why companies tend to outsource their mail delivery operations to email service…