A new banking Trojan called Pandemiya is for sale in hacker forums. The malware took a year to write from scratch, RSA Security said, in order to avoid detection and analysis.
Browsing Tag: malware
The RIG Exploit Kit is using malvertising to infect victims with Cryptowall ransomware, including one tiny New Hampshire town that proved backup is king when confronting ransomware.
A phishing campaign has been detected that sends victims Dropbox links leading to a .zip file hosting the Zeus banking Trojan.
The effect of the takedown of the GameOver Zeus botnet this week has been immediate and significant. Researchers who track the activity of the peer-to-peer botnet’s activity say that the volume of packets being sent out by infected machines has dropped to almost zero.
Malware capable of infecting point-of-sale devices once was a novelty, but it’s quickly becoming more common. Researchers at Arbor Networks have unearthed a new strain of PoS malware called Soraya that can scrape memory and has the ability to intercept information sent from Web forms, a specialty of the Zeus malware family. Soraya also has[…]
UPDATE–Law enforcement agencies in Europe and the United States, including Europol and the FBI, ran a coordinated takedown of the GameOver Zeus botnet on Friday, seizing servers and disrupting the botnet’s operation. Authorities say that the same botnet has been used to distribute the CryptoLocker ransomware and they’re now looking for a 30-year-old Russian whom[…]
Those in control of the Asprox botnet are hiding their malware in emails purporting to come from the USPS.
CryptoDefense, a ransomware competitor to CryptoLocker, has an implementation flaw that could allow for recovery of the decryption key from the victim’s computer.
UPDATE–Researchers have discovered a hybrid Trojan that combines elements of two of the more notorious crimeware strains of the last few years: Zeus and Carberp. It’s not uncommon for malware writers to steal bits and pieces of code from one another, but both Zeus and Carberp were once exclusively private tools, but the source code[…]
Researchers have disclosed a new zero day vulnerability in Internet Explorer 8 that could enable an attacker to run arbitrary code on vulnerable machines via drive-by downloads or malicious attachments in email messages. The vulnerability was discovered and disclosed to Microsoft in October, but the company has yet to produce a patch, so HP’s Zero[…]