Malvertising on iOS pushes eyebrow-raising VPN app

Credit to Author: Jérôme Segura | Date: Thu, 06 Apr 2017 17:10:49 +0000

A malvertising campaign on iOS is pushing a scareware page tricking Apple users into installing a free VPN app that comes with serious privacy implications.

The post Malvertising on iOS pushes eyebrow-raising VPN app appeared first on Malwarebytes Labs.

Diamond Fox – part 2: let’s dive in the code

Credit to Author: Malwarebytes Labs | Date: Thu, 06 Apr 2017 15:00:30 +0000

In a previous post we made an initial analysis of a Diamond Fox bot delivered by the Nebula Exploit Kit (more about the campaign can be found here). We described the way to unpack the protection layer in order to get the core, written in Visual Basic, that can be decompiled. In this second part of…

The post Diamond Fox – part 2: let’s dive in the code appeared first on Malwarebytes Labs.

Explained: Sage ransomware

Credit to Author: Malwarebytes Labs | Date: Wed, 29 Mar 2017 15:00:24 +0000

Sage is yet another ransomware that has become a common threat. Like Spora, it can encrypt files offline. The malware is actively developed, and we are currently facing an outbreak of version 2.2 of this product.

The post Explained: Sage ransomware appeared first on Malwarebytes Labs.

Chinese PUPs and backdoor drivers: making systems less secure since 2013

Credit to Author: Zammis Clark | Date: Mon, 20 Mar 2017 15:00:03 +0000

In this blog, we expose a family of backdoor drivers that have been included in various PUPs of Chinese origin for several years.

The post Chinese PUPs and backdoor drivers: making systems less secure since 2013 appeared first on Malwarebytes Labs.

Diamond Fox – part 1: introduction and unpacking

Credit to Author: Malwarebytes Labs | Date: Fri, 17 Mar 2017 15:00:41 +0000

In this short series of posts, we will take a deep dive into a sample of Diamond Fox delivered by the Nebula Exploit Kit (described here). We will also make a brief comparison with the old, leaked version, in order to show the evolution of this product.

The post Diamond Fox – part 1: introduction and unpacking appeared first on Malwarebytes Labs.

CryptoBlock ransomware and its C2

Credit to Author: Nathan Scott | Date: Fri, 10 Mar 2017 16:00:12 +0000

CryptoBlock is an interesting ransomware to keep an eye on. We expect this ransomware, which is still in development, to eventually develop into a RaaS (Ransomware as a Service).

The post CryptoBlock ransomware and its C2 appeared first on Malwarebytes Labs.

Exploit kits: Winter 2017 review

Credit to Author: Jérôme Segura | Date: Thu, 09 Mar 2017 20:08:35 +0000

We take a look at the current exploit kit scene (Winter 2017) according to our telemetry and honeypots.

The post Exploit kits: Winter 2017 review appeared first on Malwarebytes Labs.
