HackDig : Dig high-quality web security articles for hacker

Story of the year 2019: Cities under ransomware siege

Ransomware has been targeting the private sector for years now. Overall awareness of the need for security measures is growing, and cybercriminals are increasing the precision of their targeting to locate victims with security breaches in their defense systems. Looking back at the past three years, the share of users targeted with ransomware in the overall
Publish At:2019-12-11 06:05 | Read:226 | Comments:0 | Tags:Featured Kaspersky Security Bulletin Malware Descriptions Ma

IT threat evolution Q3 2019

Targeted attacks and malware campaigns Mobile espionage targeting the Middle East At the end of June we reported the details of a highly targeted campaign that we dubbed ‘Operation ViceLeaker’ involving the spread of malicious Android samples via instant messaging. The campaign affected several dozen victims in Israel and Iran. We discovered this
Publish At:2019-11-30 13:05 | Read:312 | Comments:0 | Tags:Featured Malware reports Apple MacOS APT connected car Cyber

Spam and phishing in Q3 2019

Quarterly highlights Amazon Prime In Q3, we registered numerous scam mailings related to Amazon Prime. Most of the phishing emails with a link to a fake Amazon login page offered new prices or rewards for buying things, or reported problems with membership, etc. Against the backdrop of September’s Prime Day sale, such messages were plausible. Scammers
Publish At:2019-11-26 06:05 | Read:251 | Comments:0 | Tags:Featured Spam and phishing reports Malicious spam Malware De

Titanium: the Platinum group strikes again

Platinum is one of the most technologically advanced APT actors with a traditional focus on the APAC region. During recent analysis we discovered Platinum using a new backdoor that we call Titanium (named after a password to one of the self-executable archives). Titanium is the final result of a sequence of dropping, downloading and installing stages. The ma
Publish At:2019-11-12 01:05 | Read:277 | Comments:0 | Tags:APT reports Featured Backdoor fileless malware Malware Descr

COMpfun successor Reductor infects files on the fly to compromise TLS traffic

In April 2019, we discovered new malware that compromises encrypted web communications in an impressive way. Analysis of the malware allowed us to confirm that the operators have some control over the target’s network channel and could replace legitimate installers with infected ones on the fly. That places the actor in a very exclusive club, with capa
Publish At:2019-10-03 07:00 | Read:463 | Comments:0 | Tags:APT reports Featured Browser Digital Certificates Encryption

HQWar: the higher it flies, the harder it drops

Mobile dropper Trojans are one of today’s most rapidly growing classes of malware. In Q1 2019, droppers are in the 2nd or 3rd position in terms of share of total detected threats, while holding nearly half of all Top 20 places in 2018. Since the droppers’ main task is to deliver payload while sidestepping the protective barriers, and their develo
Publish At:2019-10-02 13:20 | Read:311 | Comments:0 | Tags:Malware descriptions Dropper Google Android Malware Descript

Hello! My name is Dtrack

Our investigation into the Dtrack RAT actually began with a different activity. In the late summer of 2018, we discovered ATMDtrack, a piece of banking malware targeting Indian banks. Further analysis showed that the malware was designed to be planted on the victim’s ATMs, where it could read and store the data of cards that were inserted into the mach
Publish At:2019-09-23 06:20 | Read:431 | Comments:0 | Tags:Featured Research ATM Dropper Financial malware Lazarus Malw

IT threat evolution Q2 2019

Targeted attacks and malware campaigns More about ShadowHammer In March, we published the results of our investigation into a sophisticated supply-chain attack involving the ASUS Live Update Utility, used to deliver BIOS, UEFI and software updates to ASUS laptops and desktops. The attackers added a backdoor to the utility and then distributed it to users thr
Publish At:2019-09-19 18:20 | Read:408 | Comments:0 | Tags:Featured Malware reports APT Cyber espionage Data leaks Fina

Spam and phishing in Q2 2019

Quarterly highlights Spam through Google services In the second quarter of 2019, scammers were making active use of cloud-based data storage services such as Google Drive and Google Storage to hide their illegal content. The reasoning behind this is simple: a link from a legitimate domain is seen as more trustworthy by both users and spam filters. Most often
Publish At:2019-09-19 18:20 | Read:232 | Comments:0 | Tags:Featured Spam and phishing Malicious spam Malware Descriptio

Fully equipped Spying Android RAT from Brazil: BRATA

“BRATA” is a new Android remote access tool malware family. We used this code name based on its description – “Brazilian RAT Android”. It exclusively targets victims in Brazil: however, theoretically it could also be used to attack any other Android user if the cybercriminals behind it want to. It has been widespread since Janua
Publish At:2019-09-19 18:20 | Read:254 | Comments:0 | Tags:Research Brazil Google Android Malware Descriptions Mobile M

Threats to macOS users

Introduction The belief that there are no threats for the macOS operating system (or at least no serious threats) has been bandied about for decades. The owners of MacBooks and iMacs are only rivaled by Linux users in terms of the level of confidence in their own security, and we must admit that they are right to a certain degree: compared to Windows-based s
Publish At:2019-09-19 18:20 | Read:299 | Comments:0 | Tags:Featured Research Apple MacOS Malware Descriptions Phishing

Spam and phishing in Q3 2017

Quarterly highlights Blockchain and spam Cryptocurrencies have been a regular theme in the media for several years now. Financial analysts predict a great future for them, various governments are thinking about launching their own currencies, and graphics cards are swept off the shelves as soon as they go on sale. Of course, spammers could not resist the top
Publish At:2017-11-03 07:15 | Read:2516 | Comments:0 | Tags:Featured Spam and phishing reports Malicious spam Malware De

ATM malware is being sold on Darknet market

Disclaimer and warning ATM systems appear to be very secure, but the money can be accessed fairly easily if you know what you are doing. Criminals are exploiting hardware and software vulnerabilities to interact with ATMs, meaning they need to be made more secure. This can be achieved with the help of additional security software, properly configured to stop
Publish At:2017-10-21 15:05 | Read:3880 | Comments:0 | Tags:Research ATM Darknet Financial malware Malware Descriptions

Miners on the Rise

Miners are a class of malware whose popularity has grown substantially this year. The actual process of cryptocurrency mining is perfectly legal, though there are groups of people who hoodwink unwitting users into installing mining software on their computers, or exploiting software vulnerabilities to do so. This results in threat actors receiving cryptocurr
Publish At:2017-09-12 13:30 | Read:2760 | Comments:0 | Tags:Research Botnets Cryptocurrencies Malware Descriptions Socia

Jimmy Nukebot: from Neutrino with love

“You FOOL! This isn’t even my final form!” In one of our previous articles, we analyzed the NeutrinoPOS banker as an example of a constantly evolving malware family. A week after publication, this Neutrino modification delivered up a new malicious program classified by Kaspersky Lab as Trojan-Banker.Win32.Jimmy. NeutrinoPOS vs Jimmy The au
Publish At:2017-08-29 07:00 | Read:3423 | Comments:0 | Tags:Research Banking Trojan Cryptocurrencies Malware Description

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud