HackDig : Dig high-quality web security articles for hacker

Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy

The recent months have created a new reality in the world as the novel Coronavirus pandemic spread from country to country raising concerns among people everywhere. With spammers and malware distributors already being accustomed to riding trending news, the COVID-19 theme has been exploited thoroughly by a large variety of spam and malspam campaigns. It appe
Publish At:2020-03-30 02:05 | Read:184 | Comments:0 | Tags:Malware Threat Intelligence Banking Malware Banking Trojan C

Malware spotlight: Nemty

Introduction: If the last five years or so have proven anything, it is that ransomware is here to stay as a threat in the cybersecurity wild. This should not be used as rationale to simply ignore the deluge of new types of malware that are discovered weekly, as the recently discovered malware family Nemty has demonstrated. While appearing at first like a
Publish At:2020-03-26 10:44 | Read:192 | Comments:0 | Tags:Malware Analysis

EnigmaSpark: Politically Themed Cyber Activity Highlights Regional Opposition to Middle East Peace Plan

In recent analysis of malicious activity likely targeting entities based in the Middle East, IBM X-Force Incident Response and Intelligence Services (IRIS) discovered backdoor malware packed with the legitimate Enigma Protector software. We named this malware “EnigmaSpark” per the Enigma Protector and the string “Spark4.2” from a .pdb
Publish At:2020-03-18 09:23 | Read:202 | Comments:0 | Tags:Advanced Threats Threat Intelligence Command-and-Control (C&

Malware spotlight: Ekans

Introduction: Industrial Control Systems, or ICS, have been the target of malware for some time now. Most of these threats target Windows systems and Windows processes, and aside from targeting ICS-specific processes, they are not much different from the horde of threats on that Windows XP system that you are currently using as a paperweight. A troubling
Publish At:2020-03-18 09:18 | Read:209 | Comments:0 | Tags:Malware Analysis

PXJ Ransomware Campaign Identified by X-Force IRIS

Ransomware has become one of the most profitable types of malware in the hands of cybercriminals, with reported cybercrime losses tripling in the last five years, according to the FBI. A constant flow of new and reused code in this realm continues to flood both consumers and organizations who fight to prevent infections, respond to attacks and often resort t
Publish At:2020-03-12 09:13 | Read:239 | Comments:0 | Tags:Malware Threat Intelligence Cryptography Cybercrime Encrypti

Virtualization-based sandbox malware

Introduction: Sandboxing is well known for its ability to execute code safely without potential malicious effects afflicting a system. They are normally used when testing out how programs and applications will react in an environment and any other time that you want to test the trustworthiness of code. But many may not know that there are two different t
Publish At:2020-03-11 12:30 | Read:237 | Comments:0 | Tags:Malware Analysis

Maze ransomware

Introduction: One of the many recurring themes in cybersecurity echoes one of the great mottos in life of “the only thing constant is change.” Ransomware is no exception to this rule, and this is best demonstrated by new types of ransomware which are redefining what this category of malware is capable of. Attackers leverage these new ransomware types to
Publish At:2020-03-04 13:34 | Read:184 | Comments:0 | Tags:Malware Analysis

Malware spotlight: Tarmac

Introduction: Many people wrongly believe that Mac computers are unable to get viruses. This belief is far from true. nVir, the first virus targeting Macintosh computers, appeared in 1987 and remained active until 1991. Although Macs are traditionally not friendly towards programs coming from unknown developers, they can still be affected by malware. A ne
Publish At:2020-03-03 11:00 | Read:281 | Comments:0 | Tags:Malware Analysis

Sextortion Scams Delivered by Emotet Net 10 Times More Than Necurs Sextortion — Here’s Why

Recent spam campaigns from Emotet featured sextortion content very similar to emails previously sent by the Necurs botnet. However, Emotet spam ended up netting 10 times the amount that a comparable Necurs campaign did — within a matter of six hours. Why was Emotet so much more successful with the same type of ploy? Two factors played into this. First, Emote
Publish At:2020-02-15 17:18 | Read:307 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Bitcoin Botnet Cy

CamuBot Resurfaces With Cross-Channel, Targeted Attacks in Brazil

The malware discussed in this blog saw input from X-Force researchers Andre Piva and Ofir Ozer. It was initially described in a blog post by X-Force’s Maor Wiesen and Limor Kessem. The IBM Trusteer cybercrime research labs specialize in the detection and counteraction of the crimeware and attacks operated by organized cybercrime gangs. In one of our re
Publish At:2020-02-09 10:30 | Read:265 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Bankin

Emotet Activity Rises as It Uses Coronavirus Scare to Infect Targets in Japan

IBM X-Force has identified a spam campaign targeting users in Japan that employs the Coronavirus scare as a lure to encourage people to open malicious emails. The messages contain Microsoft Office files loaded with macros that, when enabled, launch an infection routine that delivers the Emotet Trojan. In general, Emotet is very focused on infecting companies
Publish At:2020-02-09 10:30 | Read:359 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Cybercrime Cyberc

Malware spotlight: Droppers

Introduction: There’s a cloud of confusion around droppers. Often seen as a sort of helper program in a cyberattack, droppers are actually a type of malware that plays an instrumental role. It should be considered its own type of malware because it is responsible for a number of malicious actions. This article will explore the dropper type of malware and
Publish At:2020-02-09 10:26 | Read:277 | Comments:0 | Tags:Malware Analysis

New version of IcedID Trojan uses steganographic payloads

This blog post was authored by @hasherezade, with contributions from @siri_urz and Jérôme Segura. Security firm Proofpoint recently published a report about a series of malspam campaigns they attribute to a threat actor called TA2101. Originally targeting German and Italian users with Cobalt Strike and Maze ransomware, the later wave of malicious emails w
Publish At:2019-12-03 16:50 | Read:866 | Comments:0 | Tags:Threat analysis backdoor banking Trojan banking Trojans cred

The Day MegaCortex Ransomware Mayhem Was Averted

Averting cyberattacks planned out by aggressive threat actors is no easy feat for any organization, and much less for incident response (IR) teams who are usually called in after the attack has caused damage. IBM X-Force Incident Response and Intelligence Services (IRIS) analysts know this firsthand. The problem with this approach is that when an attack is a
Publish At:2019-10-18 10:20 | Read:586 | Comments:0 | Tags:Incident Response Malware Security Intelligence & Analytics

Bad Rabbit: A New Ransomware Campaign Rapidly Spreading Worldwide

October 24, Bad Rabbit is spreading in the wild. On October 2017, a new massive ransomware campaign rapidly spread across Europe, the malware dubbed Bad Rabbit rapidly infected systems of more than 200 major organizations mostly in Russia, Ukraine, Germany, Japan, and Turkey in a few hours. The Bad Rabbit ransomware compromised systems at several big Russ
Publish At:2017-10-27 13:35 | Read:3279 | Comments:0 | Tags:Malware Analysis

