HackDig : Dig high-quality web security articles for hackers

Mac ThiefQuest malware may not be ransomware after all

Editor’s note: The original name for the malware, EvilQuest, has been changed due to a legitimate game of the same name from 2012. The new name, ThiefQuest, is also more fitting for our updated understanding of the malware. The ThiefQuest malware, which was discovered last week, may not actually be ransomware according to new findings. The behaviors
Publish At:2020-07-07 14:23 | Read:212 | Comments:0 | Tags:Mac Apple decryption mac mac antivirus mac malware mac ranso

New Wiper Malware Blames Two Security Researchers for Infection

A new wiper malware falsely informed victims in its infection notice that two security researchers had been responsible for attacking them. According to Bleeping Computer, users who downloaded programs from free software and crack sites found that they couldn’t successfully authenticate themselves and unlock their Windows computers. Instead, their machi
Publish At:2020-04-14 12:27 | Read:603 | Comments:0 | Tags:IT Security and Data Protection Latest Security News malware

New COVID19 wiper overwrites MBR making computers unusable

A recently discovered strain of malware exploits the current COVID19 pandemic to render computers unusable by overwriting the MBR. SonicWall’s security researchers have discovered a new piece of malware that exploits the current COVID19 outbreak to render computers unusable by overwriting the master boot record (MBR). Unfortunately, this is one of the
Publish At:2020-04-02 11:00 | Read:619 | Comments:0 | Tags:Breaking News Cyber Crime Malware coronavirus covid19 hackin

FBI warns of nation-state actors using the Kwampirs malware

For the third time in a few weeks, the FBI has issued an alert about supply chain attacks carried out by nation-state actors using the Kwampirs malware. The FBI has issued an alert about supply chain attacks using the Kwampirs malware as part of a hacking campaign carried out on a global scale by state-sponsored hackers. The FBI has issued an alert o
Publish At:2020-03-31 08:39 | Read:484 | Comments:0 | Tags:APT Breaking News Hacking Malware coronavirus covid19 hackin

MBR-ONI ransomware involved in targeted attacks against Japanese organizations

MBR-ONI is a new ransomware that is being used for targeted attacks in Japan, experts speculate it was used to cover larger hacking campaigns. MBR-ONI is a new ransomware that is being used for targeted attacks in Japan, it is a bootkit ransomware that uses a modified version of the legitimate open-source disk encryption utility DiskCryptor to encrypt the fi
Publish At:2017-11-01 19:50 | Read:5783 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Hacking malware

RedBoot ransomware also modifies partition table, is it a wiper?

The RedBoot ransomware encrypts files on the infected computer, replaces the Master Boot Record and then modifies the partition table. Malware Blocker researcher discovered a new bootlocker ransomware, dubbed RedBoot, that encrypts files on the infected computer, replaces the Master Boot Record (MBR) of the system drive and then modifies the partition table.
Publish At:2017-09-25 16:35 | Read:3516 | Comments:0 | Tags:Breaking News Malware Cybercrime malware RedBoot ransomware

The Ukrainian central bank warned of new NotPetya-style massive attack risk

The Ukrainian central bank warned state-owned and private lenders of the appearance of a new NotPetya-like attack that would target national businesses. On Friday, the Ukrainian central bank warned of new malware-based attack risk. According to Reuters, the Ukrainian central bank warned state-owned and private lenders of the spreading of new infections
Publish At:2017-08-19 08:55 | Read:3326 | Comments:0 | Tags:Breaking News Cyber warfare Hacking Malware notpetya Petya r

Anti-Israel and pro-Palestinian IsraBye wiper spreads as a ransomware

Malware researchers discovered an anti-Israel & pro-Palestinian data wiper dubbed IsraBye that is spreading as a ransomware. Malware researcher Jakub Kroustek from Avast has recently discovered an anti-Israel & pro-Palestinian data wiper dubbed IsraBye. Even if the lock screen claims that the files can be recovered, their content is replaced with an
Publish At:2017-08-13 23:35 | Read:3482 | Comments:0 | Tags:Breaking News Malware IsraBye Israel malware ransomware Sabo

No Free Pass for ExPetr

Recently, there have been discussions around the topic that if our product is installed, ExPetr malware won’t write the special malicious code which encrypts the MFT to MBR. Some have even speculated that some kind of conspiracy might be ongoing. Others have pointed out it’s plain and simple nonsense. As usual, Vesselin Bontchev, a legend in IT s
Publish At:2017-07-13 22:50 | Read:3314 | Comments:0 | Tags:Research ExPetr Petya Ransomware Wiper

From BlackEnergy to ExPetr

Much has been written about the recent ExPetr/NotPetya/Nyetya/Petya outbreak – you can read our findings here: Schroedinger’s Pet(ya) and ExPetr is a wiper, not ransomware. As in the case of Wannacry, attribution is very difficult and finding links with previously known malware is challenging. In the case of Wannacry, Google’s Neel Mehta was
Publish At:2017-06-30 21:50 | Read:3874 | Comments:0 | Tags:Research APT BlackEnergy Data Encryption Petya Wiper

Notpetya – The Petya variant used in the massive attack is a wiper disguised by a ransomware

According to the researchers, the Petya variant (NotPetya) used in the massive attack is a wiper disguised by a ransomware. In these hours the massive global attack based on Petya variant made the headlines, computers in many countries were infected, including Russia, Ukraine, France, India and the US. A new analysis conducted on the ransomware reveals the t
Publish At:2017-06-30 04:50 | Read:13482 | Comments:0 | Tags:Breaking News Hacking Malware notpetya Petya ransomware rans

ExPetr/Petya/NotPetya is a Wiper, Not Ransomware

After an analysis of the encryption routine of the malware used in the Petya/ExPetr attacks, we have thought that the threat actor cannot decrypt victims’ disk, even if a payment was made. This supports the theory that this malware campaign was not designed as a ransomware attack for financial gain. Instead, it appears it was designed as a wiper prete
Publish At:2017-06-28 19:25 | Read:4376 | Comments:0 | Tags:Featured Incidents Petya Ransomware Wiper

APT Trends report, Q1 2017

Kaspersky Lab is currently tracking more than a hundred threat actors and sophisticated malicious operations targeting commercial and government organizations in over 80 countries. During the first quarter of 2017, there were 33 private reports released to subscribers of our Intelligence Services, with Indicators of Compromise (IOC) data and YARA rules to as
Publish At:2017-04-27 19:15 | Read:4198 | Comments:0 | Tags:Analysis Featured Quarterly Malware Reports APT fileless mal

APT Threat Evolution in Q1 2017

Kaspersky Lab is currently tracking more than a hundred threat actors and sophisticated malicious operations targeting commercial and government organizations in over 80 countries. During the first quarter of 2017, there were 33 private reports released to subscribers of our Intelligence Services, with Indicators of Compromise (IOC) data and YARA rules to as
Publish At:2017-04-27 05:40 | Read:3044 | Comments:0 | Tags:Analysis Featured Quarterly Malware Reports APT fileless mal

Shamoon 2 – Palo Alto Networks sheds lights on the method for network distribution

Security researchers at Palo Alto Networks have determined that the Shamoon 2 malware uses a rudimentary technique for network distribution. Security researchers at Palo Alto Networks continue to analyze the dreaded Shamoon 2 malware and the recent waves of attacks, now they have determined that the threat uses a rudimentary technique for network distributio
Publish At:2017-03-29 03:00 | Read:4310 | Comments:0 | Tags:Breaking News Cyber Crime Malware cyber espionage malware Sa
