Emotet 101, stage 1: The spam lure

Credit to Author: Andrew Brandt| Date: Tue, 05 Mar 2019 13:55:43 +0000

By SophosLabs Research

Emotet operates on a mass scale. Everything it does, it does in bulk. A typical infection begins when the victim receives a specially crafted spam email. Emotet's creators send these out by the thousands and, in some cases, the bots themselves send more. The lures employ mass-created malicious document files. The payload […]

Flurry of new Mac malware drops in December

Credit to Author: Thomas Reed| Date: Tue, 11 Dec 2018 16:00:00 +0000

Multiple new pieces of Mac malware have appeared in December, all distributed through different means, but all opening backdoors on infected computers.

The post Flurry of new Mac malware drops in December appeared first on Malwarebytes Labs.

Malicious doc “builders” abandon old exploits wholesale

Credit to Author: Gabor Szappanos| Date: Tue, 11 Sep 2018 16:15:26 +0000

A key piece of the malware ecosystem adopts new vulnerabilities, and scraps old exploits, in record time

Old MS Office feature weaponized in malspam attacks

Credit to Author: Jérôme Segura| Date: Tue, 17 Oct 2017 15:00:16 +0000

An old Microsoft Office feature has been brought back to the forefront as a way to distribute malware without relying on macros or exploits.

The post Old MS Office feature weaponized in malspam attacks appeared first on Malwarebytes Labs.

Fake IRS notice delivers customized spying tool

Credit to Author: Jérôme Segura| Date: Thu, 21 Sep 2017 15:00:24 +0000

Threat actors leverage a Microsoft Office exploit to spy on their victims. In this blog post, we will review its delivery mechanism and analyze the malware we observed, a modified version of a commercial Remote Administration Tool (RAT).

The post Fake IRS notice delivers customized spying tool appeared first on Malwarebytes Labs.

PSA: New Microsoft Word 0day used in the wild

Credit to Author: Jérôme Segura| Date: Wed, 13 Sep 2017 22:49:19 +0000

Read more about the latest Microsoft Word Zero-Day and how to protect yourself against it.

The post PSA: New Microsoft Word 0day used in the wild appeared first on Malwarebytes Labs.

Locky ransomware adds anti sandbox feature (updated)

Credit to Author: Malwarebytes Labs| Date: Thu, 31 Aug 2017 16:09:39 +0000

Locky attempts to evade detection by relying once more on simple, yet effective user interaction.

The post Locky ransomware adds anti sandbox feature (updated) appeared first on Malwarebytes Labs.
