HackDig : Dig high-quality web security articles for hackers

HQWar: the higher it flies, the harder it drops

Mobile dropper Trojans are one of today’s most rapidly growing classes of malware. In Q1 2019, droppers are in the 2nd or 3rd position in terms of share of total detected threats, while holding nearly half of all Top 20 places in 2018. Since the droppers’ main task is to deliver payload while sidestepping the protective barriers, and their develo
Publish At:2019-10-02 13:20 | Read:1014 | Comments:0 | Tags:Malware descriptions Dropper Google Android Malware Descript

Hello! My name is Dtrack

Our investigation into the Dtrack RAT actually began with a different activity. In the late summer of 2018, we discovered ATMDtrack, a piece of banking malware targeting Indian banks. Further analysis showed that the malware was designed to be planted on the victim’s ATMs, where it could read and store the data of cards that were inserted into the mach
Publish At:2019-09-23 06:20 | Read:1612 | Comments:0 | Tags:Featured Research ATM Dropper Financial malware Lazarus Malw

Silence – a new Trojan attacking financial organizations

More information about the Silence Trojan is available to customers of Kaspersky Intelligence Reporting Service. Contact: intelreports@kaspersky.com In September 2017, we discovered a new targeted attack on financial institutions. Victims are mostly Russian banks but we also found infected organizations in Malaysia and Armenia. The attackers were using a kno
Publish At:2017-11-01 18:25 | Read:4795 | Comments:0 | Tags:Featured Research Backdoor Dropper Financial malware Targete

A simple example of a complex cyberattack

We’re already used to the fact that complex cyberattacks use 0-day vulnerabilities, bypassing digital signature checks, virtual file systems, non-standard encryption algorithms and other tricks. Sometimes, however, all of this may be done in much simpler ways, as was the case in the malicious campaign that we detected a while ago – we named it ‘M
Publish At:2017-09-26 14:25 | Read:3909 | Comments:0 | Tags:Research DLL hijacking Dropper Microsoft Word Social Enginee

De-obfuscating malicious Vbscripts

Although they were never really gone, it looks like there is a rise in the number of malicious vbscripts in the wild. Maybe the similarity to VBA scripts and possible use in macros is responsible for the increased popularity. Let’s have a quick look at a few of them. First some background: VBScript has been installed with every desktop version of Windows sin
Publish At:2016-03-01 14:45 | Read:5010 | Comments:0 | Tags:Malware Analysis banker clicker de-obfuscate decrypt dropper

CoreBot Malware Steals Credentials-For Now

A new piece of data-stealing malware has a real thirst for credentials—and the potential for worse trouble down the line. IBM today published a report on CoreBot, generic information-stealing malware designed with enough flexibility to soon ramp up its capabilities to exfiltrate data in real time. “CoreBot appears to be quite modular, which means that
Publish At:2015-08-31 18:15 | Read:48942 | Comments:0 | Tags:Malware Web Security banking trojan CoreBot DGA domain gener

Cryptowall 3.0 Slims Down, Removes Exploits From Dropper

A slimmed down version of Cryptowall is in circulation, and this one contains no built-in exploits, confirming a growing trend that most ransomware will be spread almost exclusively via exploit kits. Kits such as Angler, Nuclear, and most recently Hanjuan, have been busy incorporating Flash exploits dropping a mix of click-fraud malware and ransomware with gr
Publish At:2015-02-09 17:20 | Read:3971 | Comments:0 | Tags:Uncategorized Cisco Cisco Talos command and control Cryptowa
