Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:


  • Recent Posts

  • Calendar

    May 2015
    S M T W T F S
    « Apr    
     12
    3456789
    10111213141516
    17181920212223
    24252627282930
    31  
  • Email Subscription

  • About Us


    Archive for the ‘Bad Sites’ Category




    We recently found a new banking Trojan which targeted several banks in South Korea. This isn’t the first, though: in June last year, we saw that several online banking threats widened their range and targeted South Korean banks using various techniques. Throughout the course of monitoring similar threats, we noticed a new wave of banking Trojans targeting South Korean banks that show unusual behavior, including the use of Pinterest as their command and control (C&C) channel. Infection Via Malicious Iframe Injection This threat is currently affecting users in South Korea via compromised ...

    Posted in Bad Sites, Exploits, Malware | Comments Off on Banking Trojan Targets South Korean Banks; Uses Pinterest as C&C Channel



    Our previous blog entry discussed the "destructive" FBI security advisory and an analysis about the WIPALL malware family and its direct connection to the massive Sony Pictures hack. In this blog post, we will further discuss other WIPALL malware variants and their main routines that link to the #GOP warning seen in infected computers of Sony Pictures employees. Below is an overview of the infection chain to be discussed in this entry: BKDR64_WIPALL.F Disables McAfee's Services The WIPALL variant BKDR_WIPALL.C shares the same coding ...




    TrendLabs engineers were recently able to obtain a malware sample of the "destructive malware" described in reports about the Federal Bureau of Investigation (FBI) warning to U.S. businesses last December 2. According to Reuters, the FBI issued a warning to businesses to remain vigilant against this new "destructive" malware in the wake of the recent Sony Pictures attack. As of this writing, the link between the Sony breach and the  malware mentioned by the FBI has yet to be verified. The FBI flash memo titled ...

    Posted in Bad Sites, Malware | Comments Off on An Analysis of the “Destructive” Malware Behind FBI Warnings



    Our report on the threats seen in 3Q 2014 shows us that once again, software vulnerabilities are the most favored cybercriminal targets. Following the second quarter's infamous Heartbleed vulnerability came another serious vulnerability in open-source software: Shellshock. Having gone unnoticed for years, the Shellshock incident suggests that there might be more vulnerabilities in Bash or in applications previously thought safe. Below is a timeline of events that Shellshock unraveled. Figure 1. A timeline of events that illustrate the Shellshock exploitation that took place ...

    Posted in Bad Sites, Exploits, Malware, Mobile, Targeted Attacks, Vulnerabilities | Comments Off on 3Q 2014 Security Roundup: Vulnerabilities Under Attack



    In the entry FlashPack Exploit Leads to New Family of Malware, we tackled the Flashpack exploit kit and how it uses three URLs namely (http://{malicious domain}/[a-z]{3}[0-9]{10,12}/loxotrap.php, http://{malicious domain}/[0-9,a-z]{6,10}/load0515p6jse9.php, http://{malicious domain}/[a-z]{3}[0-9]{10,12}/ldcigar.php) as its landing site. We monitored the abovementioned URLs and found out that the FlashPack exploit kit is now using free ads to distribute malware such as ZeuS/ZBOT, DOFOIL, and ransomware variants. This technique of using ad networks for malicious intent is called malvertising. Based on data from the Trend Micro™ Smart Protection Network™, the ...

    Posted in Bad Sites, Malware | Comments Off on Flashpack Exploit Kit Used in Free Ads, Leads to Malware Delivery Mechanism


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice