Categories

Category Archives: Malware Analysis

The nitty-gritty technical details from our malware researchers and developers about all the nastiest malware out there.

High Exposure

Bill Gates is the latest victim of a series of hacks targeting celebrities and getting their private information exposed to the world. A group of hackers who already published Social Security Numbers, Credit Reports and banking details, addresses etc. for several other high profiles, is still enjoying an undisrupted run. Equifax recently confirmed being breached […]

Obfuscation: Malware’s best friend

Here at Malwarebytes, we see a lot of malware. Whether it’s a botnet used to attack web servers or a ransomware stealing your files, much of today’s malware wants to stay hidden during infection and operation to prevent removal and analysis. Malware achieves this using many techniques

Dangerous beans: Oracle deep in the storm

Last week security researchers from FireEye discovered a new Java exploit that works against the latest versions of Java (version 6 update 41 and version 7 updated 15) making this a zero-day. The flaw is not just a proof of concept but has been spotted in the wild and it will be just a matter […]

Law Against Cookies

In May  2011 the European Union changed the law that covers the use of electronic communications networks to store information, e.g. using cookies, or gain access to information stored in the terminal equipment of a subscriber or user. One year later, in May 2012 the law was updated in the sense that implied consent was […]

Q&A about ransomware featuring Eric Freyssinet

This week I am talking with Eric Freyssinet, head of a national cybercrime investigative unit in France. We discuss ransomware and cyber crime in general from a researcher/law enforcement point of view. There are several initiatives in place to educate end users about these threats and also how to get rid of them without forking […]

Text Popups

What is a text popup? A text popup is a link that opens a popup box containing advertisements, usually prompted by a mouse-over. Where do they come from? As a moderator on a few forums and as an amateur web-designer, I often get complaints from people asking me to remove the annoying text popups or […]

Tools of the Trade: Exploit Kits

Exploit Kits are a serious cyber threat today, estimated to be responsible for the vast percentage of malware infections worldwide.  Exploit kits distributed currently through both public and underground sources appeal to a wide range of audiences, from inexperienced hackers to seasoned “black hat” cybercriminals.  Perhaps you or someone you know may have heard about […]

Sandbox Sensitivity

This article is meant to give you an overview of how sandboxes are used and why malware writers try to avoid their code to run on them. It will also list some methods that are in use to make malware sandbox-sensitive. Without going into much detail it will also give you an idea of the […]

Digital certificates and malware: a dangerous mix

Update (Feb 6th): The digital certificates have been revoked by DigiCert. Update (Feb 4th, 3:44 PM): Egnyte has promptly taken down the illicit account following our call. However, digital signature is still in use. In the past few days we have heard several stories about major corporations getting hacked and their security systems completely bypassed. If […]

Malwarebiter – Biting down on you

UPDATE: As of 1/28, the Facebook page for Malwarebiter appears to have been deleted. Overview A few days ago Malwarebytes Intelligence Analyst Adam Kujawa released a Cyber-Threat Advisory on a fairly new anti-malware product on the web called “Malwarebiter”.  This product grabbed our attention because of its similar name to Malwarebytes.  

CTA: Unpatched Java Exploit in the Wild

URGENT: New Java Exploit being used to infect Updated Users. ACTION: Disable Java Browser Plugin using: http://nakedsecurity.sophos.com/2012/08/30/how-turn-off-java-browser/ http://krebsonsecurity.com/how-to-unplug-java-from-the-browser/ DETAILS: As of yesterday, a new Java exploit has been developed and released to the cyber-crime community. It is currently in the wild and being used to distribute malware such as the Reveton Ransomware.

Web Exploits: a bright future ahead

The majority of computers get infected from visiting a specially crafted webpage that exploits one or multiple software vulnerabilities. It could be by clicking a link within an email or simply browsing the net, and it happens silently without any user interaction whatsoever. Vulnerabilities are flaws that exist in various programs and that allow someone to […]

Misleading advertising

Today we are going to be talking about advertising, specifically misleading advertising. Whether it’s on TV or on the internet, in magazines and newspapers, we see misleading advertising all of the time, you see it all of the time, whether you realize it or not. So how do you spot it? Well, that is one […]

This Christmas time the bad guys will be shopping too

While most folks want a new gaming system, TV, or the latest computer gadget, there is another group of people that are looking for something quite different and definitely not your typical in-store purchase. I’m talking about those people buying stolen online  ”goods” ranging from credit card numbers and email accounts, to paid adult sites […]

Ransomware

…because some malware is too heinous for clever puns. Ransom software or Ransomware, takes advantage of our constant need for information, communication and entertainment by hijacking our computer systems and demanding payment for returned use.  It hides under the masks of government agencies and uses tactics similar to criminal interrogations to guilt the user into […]

It’s The Most Dangerous Time of the Year!

The holidays are a time for family, friendship, giving and compassion.  They are also a time for cyber criminals to scam people into downloading malware, giving up personal information and even doing non-stop surveys. This blog post will go over a few tricks that you might want to keep an eye out for during this […]

From server hack to client side ransomware

Insecure websites are responsible for most malware infections. In this post I will show you how a typical WordPress site that was poorly configured got hacked, leading unsuspecting visitors to a very bad surprise. If you can browse the underlying structure of a site, it is usually not a good sign. It does not mean […]

Citadel: a cyber-criminal’s ultimate weapon?

In old times, a citadel was a fortress used as the last line of defense. For cyber criminals it is a powerful and state-of-the-art toolkit to both distribute malware and manage infected computers (bots). Citadel is an offspring of the (too) popular Zeus crimekit whose main goal is to steal banking credentials by capturing keystrokes […]

Pick A Download… Part 2

Last week I wrote a blog post on the dangers of ads posing as fake download buttons on various download web sites. Since then I received a lot of feedback from our readers and other security researchers on different tools available to help users avoid these dangers by blocking the ads entirely.  Instead of adding […]

In this connected world, time is of the essence. The bad guys are counting on releasing their malicious programs and infecting machines before security companies have time to analyze those samples and provide detection signatures to block the threat. Although antivirus companies have evolved their technologies and can now provide proactive heuristic detections (essentially this […]

« Previous PageNext Page »

Subscribe to our YouTube Channel