June 5, 2013 | BY
Awareness and education about online dangers are essential, but headlines like “Malware That Drains Your Bank Account Thriving On Facebook” instill fear while at the same time blaming Facebook — something that may not be entirely justified.
June 4, 2013 | BY
Computer Trojans, like the mythical horse of the Trojan war, often disguise themselves as something useful or at least innocent. Once inside, however, they often download and install other vicious malware.
May 20, 2013 | BY
New Facebook trojan Febipos is currently active in Brazil and takes control of your Facebook profile using a Firefox and/or Chrome extension that’s installed during execution.
May 11, 2013 | BY
Malware today is so numerous and diverse that security professionals have known for some time that signature-based solutions would no longer be able to cut it alone. Not only are there too many new malware files each day, some of them are able to change their shape and signature as they go along. But, if […]
May 3, 2013 | BY
A couple of months ago, I did an article on generic obfuscation techniques used to hide malware. It continues to be no surprise that malware tries to hide using an array of techniques that are easy to implement. I wanted to elaborate on one of those techniques I mentioned earlier, which was the exclusive or […]
April 3, 2013 | BY
As researchers find more security flaws in Oracle Java, the software continues to be used for exploitation and malware delivery. This year has been a shaky start for the cross-platform web technology, where it seems the number of documented vulnerabilities is hard to number. If you recall in January, we saw a zero-day later found […]
April 1, 2013 | BY
Dear Readers, We regret to inform you that over the weekend, Malwarebytes was under direct, targeted attack from a new type of malware of unknown origin. The malware was shutting down systems left and right at our headquarters. We were able to cut off its spread through our network and obtain a sample of it […]
March 20, 2013 | BY
This week the research team stumbled across a Russian ransomware sample so I decided to take a peek. The ransom message demands your money (in rubles, actually) and threatens to delete your data if payment isn’t sent within 12 hours.
March 14, 2013 | BY
Bill Gates is the latest victim of a series of hacks targeting celebrities and getting their private information exposed to the world. A group of hackers who already published Social Security Numbers, Credit Reports and banking details, addresses etc. for several other high profiles, is still enjoying an undisrupted run. Equifax recently confirmed being breached […]
March 8, 2013 | BY
Here at Malwarebytes, we see a lot of malware. Whether it’s a botnet used to attack web servers or a ransomware stealing your files, much of today’s malware wants to stay hidden during infection and operation to prevent removal and analysis. Malware achieves this using many techniques
March 6, 2013 | BY
Last week security researchers from FireEye discovered a new Java exploit that works against the latest versions of Java (version 6 update 41 and version 7 update 15), making this a zero-day. The flaw is not just a proof of concept but has been spotted in the wild and it will be just a matter […]
February 20, 2013 | BY
In May 2011 the European Union changed the law that covers the use of electronic communications networks to store information, e.g. using cookies, or gain access to information stored in the terminal equipment of a subscriber or user. One year later, in May 2012 the law was updated in the sense that implied consent was […]
February 15, 2013 | BY
This week I am talking with Eric Freyssinet, head of a national cybercrime investigative unit in France. We discuss ransomware and cyber crime in general from a researcher/law enforcement point of view. There are several initiatives in place to educate end users about these threats and also how to get rid of them without forking […]
February 13, 2013 | BY
What is a text popup? A text popup is a link that opens a popup box containing advertisements, usually prompted by a mouse-over. Where do they come from? As a moderator on a few forums and as an amateur web-designer, I often get complaints from people asking me to remove the annoying text popups or […]
February 11, 2013 | BY
Exploit Kits are a serious cyber threat today, estimated to be responsible for the vast percentage of malware infections worldwide. Exploit kits distributed currently through both public and underground sources appeal to a wide range of audiences, from inexperienced hackers to seasoned “black hat” cybercriminals. Perhaps you or someone you know may have heard about […]
February 5, 2013 | BY
This article is meant to give you an overview of how sandboxes are used and why malware writers try to keep their code from running on them. It will also list some methods that are in use to make malware sandbox-sensitive. Without going into much detail it will also give you an idea of the […]
February 4, 2013 | BY
Update (Feb 6th): The digital certificates have been revoked by DigiCert. Update (Feb 4th, 3:44 PM): Egnyte has promptly taken down the illicit account following our call. However, the digital signature is still in use. In the past few days we have heard several stories about major corporations getting hacked and their security systems completely bypassed. If […]
January 30, 2013 | BY
UPDATE: As of 1/28, the Facebook page for Malwarebiter appears to have been deleted. Overview A few days ago Malwarebytes Intelligence Analyst Adam Kujawa released a Cyber-Threat Advisory on a fairly new anti-malware product on the web called “Malwarebiter”. This product grabbed our attention because of its similar name to Malwarebytes.
January 10, 2013 | BY
URGENT: New Java Exploit being used to infect Updated Users. ACTION: Disable Java Browser Plugin using: http://nakedsecurity.sophos.com/2012/08/30/how-turn-off-java-browser/ http://krebsonsecurity.com/how-to-unplug-java-from-the-browser/ DETAILS: As of yesterday, a new Java exploit has been developed and released to the cyber-crime community. It is currently in the wild and being used to distribute malware such as the Reveton Ransomware.
January 2, 2013 | BY
The majority of computers get infected from visiting a specially crafted webpage that exploits one or multiple software vulnerabilities. It could be by clicking a link within an email or simply browsing the net, and it happens silently without any user interaction whatsoever. Vulnerabilities are flaws that exist in various programs and that allow someone to […]