Credit to Author: Vishal Thakur| Date: Thu, 07 Jun 2018 15:00:00 +0000
 | |
| In part two of our series on decoding Emotet, we analyze the PowerShell code flow and structure. We also reconstruct the command-line arguments—for fun! Categories: Tags: code analysisdownloaderemotetencryptionpowershell |
The post Malware analysis: decoding Emotet, part 2 appeared first on Malwarebytes Labs.
Read moreCredit to Author: Christopher Boyd| Date: Thu, 31 May 2018 15:00:00 +0000
 | |
| We take a look at Instagram story spam leading to a “free Apple Watch” giveaway on a recently compromised celebrity account. Categories: Tags: Apple WatchInstagramscamsocial mediasocial networkspamsurveysurveys |
The post Instagram story spam claims free Apple Watch appeared first on Malwarebytes Labs.
Read moreCredit to Author: Vishal Thakur| Date: Fri, 25 May 2018 15:00:00 +0000
| |
| In the first part of this two-part analysis of Emotet, we look at the VBA code, where you’ll learn how to recognize and discard “dead” code thrown in to complicate the analysis process. Categories: Tags: code variationemotetmacrosmalware analysisvba code |
The post Malware analysis: decoding Emotet, part 1 appeared first on Malwarebytes Labs.
Read moreCredit to Author: Thomas Reed| Date: Tue, 22 May 2018 15:00:00 +0000
 | |
| New Mac cryptominer malware is using the XMRig library to mine Monero on infected Macs. Categories: Tags: ApplecryptominercryptominingmacMac cryptominerXMRig |
The post New Mac cryptominer uses XMRig appeared first on Malwarebytes Labs.
Read moreCredit to Author: Jérôme Segura| Date: Fri, 18 May 2018 15:00:00 +0000
 | |
| Back-to-back Drupal zero-day vulnerabilities are being monetized with malicious web cryptominers. Categories: Tags: CMScontent management systemsdrupaldrupalgeddonmalicious cryptomining |
The post A look into Drupalgeddon’s client-side attacks appeared first on Malwarebytes Labs.
Read moreCredit to Author: Jérôme Segura| Date: Tue, 15 May 2018 18:44:14 +0000
 | |
| A new Adobe Reader zero-day exploit has been discovered, including a full sandbox escape. Categories: Tags: 0dayadobeAdobe ReaderCVE-2018-4990CVE-2018-8120zero day |
The post Adobe Reader zero-day discovered alongside Windows vulnerability appeared first on Malwarebytes Labs.
Read moreCredit to Author: Jérôme Segura| Date: Tue, 08 May 2018 13:25:00 +0000
 | |
| The same group behind the Shoppers Stop tech scam campaign is at it again, injecting malicious ad code into thousands of sites and redirecting to a templated warning page. Categories: Tags: malvertisingtech support scamsTSSWP-VCD |
The post Tech support scam uses fake Shoppers Stop site to lure thousands appeared first on Malwarebytes Labs.
Read moreCredit to Author: Jérôme Segura| Date: Tue, 08 May 2018 13:25:00 +0000
| |
| The same group behind the Shoppers Stop tech scam campaign is at it again, injecting malicious ad code into thousands of sites and redirecting to a templated warning page. Categories: Tags: malvertisingtech support scamsTSSWP-VCD |
The post Tech support scam uses fake Shoppers Stop to draw from thousands of forced ad injections appeared first on Malwarebytes Labs.
Read more