Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    January 2015
    S M T W T F S
    « Dec    
     123
    45678910
    11121314151617
    18192021222324
    25262728293031
  • Email Subscription

  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Malware’ Category




    We noticed a recent influx of crypto-ransomware spreading in Australia. This recent wave rings similar to the hike of infections in the Europe/Middle East/Africa (EMEA) region we wrote about in early December. Upon further research and analysis, we concluded that the attackers behind these incidents could possibly belong to the same cybercriminal gang due to the similarity in their IP addresses. Infection Vectors Our analysis shows that the family-based pattern that identified the TorrentLocker malware that hit Australia also identified the outbreaks in Turkey, Italy, and France. We observed that ...

    Posted in Malware |



    We recently reported that the EMEA (Europe-Middle East-Africa) region experienced a surge in ransomware, specifically, crypto-ransomware attacks. It appears that these attacks are no longer limited to that region. Research from Trend Micro engineers shows that the ANZ (Australia-New Zealand) region is the latest to be greatly affected by this type of malware—this time by TorrentLocker ransomware. The Infection Chain Figure 1. Infection diagram for ANZ attacks The malware arrives through emails that pretend to be penal notices from the New South Wales government ...

    Posted in Malware |



    The remote access tool (RAT) HAVEX became the focus of the security industry after it was discovered to have played a major role in a campaign targeting industrial control systems (ICS). While observing HAVEX detections (known by different vendors as Dragonfly, Energetic Bear, and Crouching Yeti), we noticed something interesting. The Dragonfly campaign was previously believed to be compatible with only for 32-bit versions as most mission critical systems would most likely Windows XP, which has since been listed as end of ...




    With the finalization of HTML5 standard by World Wide Web Consortium (W3C) last October, there will be a rapid growth of new HTML5 web apps coming out in the near future. Considering the platform independent characteristic in web apps, we foresee that HTML5 will accelerate the repackaging from web apps to mobile apps for malicious intent. A Quick Overview of HTML5 Android Apps According to our monitoring, the amount of new HTML5-packaged apps coming to the Android platform increased by 200% in ...

    Posted in Malware, Mobile |


    Dec23
    3:18 pm (UTC-7)   |    by

    In recent weeks, a major Korean electric utility has been affected by destructive malware, which was designed to wipe the master boot records (MBRs) of affected systems. It is believed that this MBR wiper arrived at the target systems in part via a vulnerability in the Hangul Word Processor (HWP), a commonly used application in South Korea. A variety of social engineering lures were used to get would-be victims to open these files. Below is a quick overview of the attack ...

    Posted in Malware, Targeted Attacks |


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice