    TrendLabs Security Intelligence Blog

    Archive for the ‘Malware’ Category




    In the middle of my research on the remote access Trojan (RAT) known as “njrat” or “Njw0rm”, I stumbled upon dev-point.com, a site that disguises itself as a site for “IT enthusiasts” but actually hosts various downloaders, different types of spyware, and RATs. I explored the site and found that they host malware under the “Protection Devices” section in their website. Under this section was a forum written in Arabic, which may suggest that an Arabic-speaking country is behind it. Figure ...

    Posted in Malware



    Last July we came across a crypto-ransomware variant known as Critroni or Curve-Tor-Bitcoin (CTB) Locker. We observed recent improvements to the CTB malware, which now offers a "free decryption" service, an extended deadline to decrypt the files, and an option to change the language of the ransom message. These new variants also demand payment of 3 BTC (around USD 630), while older ones seen in July only charged .02 BTC, or USD 24. Along with these improvements, we are also seeing a spike ...




    2014 became the year that placed PoS (point-of-sale) threats in the spotlight. Make no mistake: PoS threats have existed for years. However, the Target data breach last January was the first incident that made the general public notice this threat.

    2014: the Year of PoS Malware

    While the Target breach may have been the first PoS-related incident of 2014, it soon became clear that it wouldn’t be the last. By the end of the third quarter of the year, six new variants of ...

    Posted in Malware



    Hacks in Taiwan (HITCON), a security conference hosted in that country, has discovered an attack involving several online games. Official releases of two popular online games were found to be compromised, downloading malware onto computers. HITCON worked with Trend Micro to provide a clean-up tool to possible victims of the attack. Trend Micro was then able to coordinate with the affected game provider to help address the incident.

    Compromised Official Releases

    The games that were used in the attack were online games League of Legends ...




    We were recently alerted to reports claiming that the website of North Korea's official news service, www.kcna.kp, had been delivering malware via embedded malicious code. One of the photos on the website was found to contain malware, which suggests that this is part of a watering hole attack targeting individuals who visit the website and its other pages. Below is an infection diagram for the malware associated with this attack.

    Figure 1. Infection diagram

    The mother file in this attack is detected as PE_WINDEX.A-O. ...

    Posted in Bad Sites, Malware


     
