HackDig : Dig high-quality web security articles for hacker

Dvmap: the first Android malware with code injection

In April 2017 we started observing new rooting malware being distributed through the Google Play Store. Unlike other rooting malware, this Trojan not only installs its modules into the system, it also injects malicious code into the system runtime libraries. Kaspersky Lab products detect it as Trojan.AndroidOS.Dvmap.a. The distribution of rooting malware thr
Publish At:2017-06-08 15:45 | Read:686 | Comments:0 | Tags:Featured Mobile code injection Google Android Mobile Malware

WannaCry mistakes that can help you restore files after infection

Sometimes ransomware developers make mistakes in their code. These mistakes could help victims regain access to their original files after a ransomware infection. This article is a short description of several errors, which were made by the WannaCry ransomware developers. Errors in file removal logic: When WannaCry encrypts its victim’s files, it reads
Publish At:2017-06-01 10:55 | Read:592 | Comments:0 | Tags:Blog Featured Research Ransomware WannaCry

What Interests Children Online

Today’s children and teenagers are integrated into cyberspace so tightly that discussions on the outright prohibition of using devices with Internet connectivity are nonsensical. It is more reasonable to teach children how to behave themselves correctly online and lend support by protecting them against undesirable content. To solve these problems, man
Publish At:2017-06-01 10:55 | Read:589 | Comments:0 | Tags:Analysis Featured Publications Parental control Security tec

IT threat evolution Q1 2017

Overview. Targeted attacks and malware campaigns. More wipers. The aim of most targeted attack campaigns is to steal sensitive data. However, this isn’t always the goal. Sometimes attackers erase data instead of – or as well as – trying to gain access to confidential information. We’ve seen several wiper attacks in recent years. They include Shamoon
Publish At:2017-05-22 11:35 | Read:928 | Comments:0 | Tags:Analysis Featured Quarterly Malware Reports APT Cyber espion

IT threat evolution Q1 2017. Statistics

Q1 figures: According to KSN data, Kaspersky Lab solutions detected and repelled 479,528,279 malicious attacks from online resources located in 190 countries all over the world. 79,209,775 unique URLs were recognized as malicious by web antivirus components. Attempted infections by malware that aims to steal money via online access to bank accounts were regis
Publish At:2017-05-22 11:35 | Read:426 | Comments:0 | Tags:Analysis Featured Quarterly Malware Reports Financial malwar

WannaCry and Lazarus Group – the missing link?

A few hours ago, Neel Mehta, a researcher at Google, posted a mysterious message on Twitter with the #WannaCryptAttribution hashtag: The cryptic message in fact refers to a similarity between two samples that have shared code. The two samples Neel refers to in the post are: A WannaCry cryptor sample from February 2017 which looks like a very early variant A
Publish At:2017-05-15 18:30 | Read:540 | Comments:0 | Tags:Blog Featured Research Lazarus Ransomware WannaCry

Ztorg: money for infecting your smartphone

This research started when we discovered an infected Pokémon GO guide in Google Play. It was there for several weeks and was downloaded more than 500,000 times. We detected the malware as Trojan.AndroidOS.Ztorg.ad. After some searching, I found some other similar infected apps that were being distributed from the Google Play Store. The first of them, called
Publish At:2017-05-15 13:40 | Read:864 | Comments:0 | Tags:Analysis Featured Publications advertisement Google Android

WannaCry FAQ: What you need to know today

Friday May 12th marked the start of the dizzying madness that has been ‘WannaCry’, the largest ransomware infection in history. Defenders have been running around with their heads on fire trying to get ahead of the infection and to understand the malware’s capabilities. In the process, a lot of wires have gotten crossed and we figured it
Publish At:2017-05-15 13:40 | Read:788 | Comments:0 | Tags:Blog Featured Research Encryption Malware Descriptions Ranso

DDoS attacks in Q1 2017

News Overview: Thanks to IoT botnets, DDoS attacks have finally turned from something of a novelty into an everyday occurrence. According to the A10 Networks survey, this year the ‘DDoS of Things’ (DoT) has reached critical mass – in each attack, hundreds of thousands of devices connected to the Internet are being leveraged. The fight against this
Publish At:2017-05-13 11:15 | Read:708 | Comments:0 | Tags:Analysis Featured Quarterly Malware Reports Botnets DDoS-att

Spam and phishing in Q1 2017

Spam: quarterly highlights. Spam from the Necurs botnet. We wrote earlier about a sharp increase in the amount of spam with malicious attachments, mainly Trojan encryptors. Most of that spam was coming from the Necurs botnet, which is currently considered the world’s largest spam botnet. However, in late December 2016, the network’s activity almost
Publish At:2017-05-02 05:05 | Read:788 | Comments:0 | Tags:Analysis Featured Quarterly Spam Reports Malicious spam Malw

APT Trends report, Q1 2017

Kaspersky Lab is currently tracking more than a hundred threat actors and sophisticated malicious operations targeting commercial and government organizations in over 80 countries. During the first quarter of 2017, there were 33 private reports released to subscribers of our Intelligence Services, with Indicators of Compromise (IOC) data and YARA rules to as
Publish At:2017-04-27 19:15 | Read:743 | Comments:0 | Tags:Analysis Featured Quarterly Malware Reports APT fileless mal

APT Threat Evolution in Q1 2017

Kaspersky Lab is currently tracking more than a hundred threat actors and sophisticated malicious operations targeting commercial and government organizations in over 80 countries. During the first quarter of 2017, there were 33 private reports released to subscribers of our Intelligence Services, with Indicators of Compromise (IOC) data and YARA rules to as
Publish At:2017-04-27 05:40 | Read:453 | Comments:0 | Tags:Analysis Featured Quarterly Malware Reports APT fileless mal

Hajime, the mysterious evolving botnet

Introduction: Hajime (meaning ‘beginning’ in Japanese) is an IoT worm that was first mentioned on 16 October 2016 in a public report by RapidityNetworks. One month later we saw the first samples being uploaded from Spain to VT. This worm builds a huge P2P botnet (almost 300,000 devices at the time of publishing this blogpost), but its real purpose
Publish At:2017-04-25 12:00 | Read:1192 | Comments:0 | Tags:Blog Featured Research Botnets honeypot Internet of Things M

Exploits: how great is the threat?

How serious, really, is the danger presented by exploits? The recent leak of an exploit toolset allegedly used by the infamous Equation Group suggests it’s time to revisit that question. Several zero-days, as well as a bunch of merely ‘severe’ exploits apparently used in-the-wild were disclosed, and it is not yet clear whether this represen
Publish At:2017-04-20 08:00 | Read:752 | Comments:0 | Tags:Analysis Featured Publications Internal Threats Statistics V

Ransomware in targeted attacks

Ransomware’s popularity has attracted the attention of cybercriminal gangs; they use these malicious programs in targeted attacks on large organizations in order to steal money. In late 2016, we detected an increase in the number of attacks, the main goal of which was to launch an encryptor on an organization’s network nodes and servers. This is
Publish At:2017-04-04 23:30 | Read:883 | Comments:0 | Tags:Blog Featured SAS Encryption Ransomware Targeted Attacks
