TrendLabs Security Intelligence Blog

    Archive for the ‘Malware’ Category




    Legitimate services are often used by cybercriminals to make their attacks more convincing. Recently, I spotted attacks that used services and platforms like Google Drive and Dropbox in order to look less suspicious to unwary users. I received a spammed message like the one shown below that supposedly came from Gmail itself. It warned me that someone had logged into my account from an unknown device. However, all of the links in it pointed to a Google Drive URL.

    Figure 1. Sample spam email

    Even though the email ...

    Posted in Malware, Spam



    The incidents that cropped up in the months of April to June 2014, from data breaches and DDoS attacks to malware improvements and threats to privacy, highlighted the need for enterprises to craft a more strategic response to security threats, one that anticipates them rather than only reacting. There were plenty of threats to be found in the quarter. There was Heartbleed, a major vulnerability in the widely used cryptographic library OpenSSL. We saw both tech companies and restaurant chains fall victim to data breaches. We saw ...



    Aug 6, 4:05 am (UTC-7)

    Last week, the US Computer Emergency Readiness Team (US-CERT) reported on a newly discovered malware family, dubbed "Backoff", which targets point-of-sale (PoS) systems. Like other PoS malware such as Dexter and Scraper, Backoff is used to steal financial information. Based on our analysis, when Backoff is executed it copies itself to %Application Data%\OracleJava\javaw.exe and launches that copy with the parameter -m <path_to_original_backoff>. The copy then terminates the original Backoff process and deletes the initial file, so only the javaw.exe masquerade remains on disk. We have seen the same ...

    Posted in Malware
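    The self-copy behaviour described above leaves two artifacts a responder can hunt for: a javaw.exe running from under %Application Data%\OracleJava rather than from a Java installation, and the "-m <path>" argument that names the original dropper (useful because the dropper itself is deleted). The following detection logic is an added example, not Trend Micro's code or an official Backoff signature; the process-listing records, user name and drop path under C:\Users\alice\AppData\Roaming are constructed for illustration.

```python
import ntpath

# Constructed process-listing records (pid, image path, command line).
# These are illustrative, not real telemetry.
SAMPLE_PROCESSES = [
    (1204, r"C:\Program Files\Java\jre7\bin\javaw.exe",
     r'"C:\Program Files\Java\jre7\bin\javaw.exe" -jar C:\Apps\report.jar'),
    (3320, r"C:\Users\alice\AppData\Roaming\OracleJava\javaw.exe",
     r'"C:\Users\alice\AppData\Roaming\OracleJava\javaw.exe" -m C:\Users\alice\Downloads\update.exe'),
    (3410, r"C:\Users\alice\AppData\Roaming\OracleJava\javaw.exe",
     r'"C:\Users\alice\AppData\Roaming\OracleJava\javaw.exe"'),
    (4002, r"C:\Windows\System32\svchost.exe",
     r"C:\Windows\System32\svchost.exe -k netsvcs"),
]

import re
_TOKEN = re.compile(r'"([^"]*)"|(\S+)')


def split_cmdline(cmdline):
    """Split a Windows command line into arguments, honouring double quotes."""
    return [quoted or bare for quoted, bare in _TOKEN.findall(cmdline)]


def backoff_copy_path(appdata):
    """Location Backoff copies itself to, per the analysis above:
    %Application Data%\\OracleJava\\javaw.exe (normalised for comparison)."""
    return ntpath.normcase(ntpath.join(appdata, "OracleJava", "javaw.exe"))


def check_process(image_path, cmdline, appdata):
    """Return None if the record looks benign, otherwise a dict describing the match.

    Signal 1: the image runs from the Backoff drop location. A genuine javaw.exe
    lives under the Java install directory, never under %Application Data%.
    Signal 2 (optional): a "-m <path>" argument, which in the copy's command line
    names the original dropper it was told to terminate and delete.
    """
    if ntpath.normcase(ntpath.normpath(image_path)) != backoff_copy_path(appdata):
        return None
    args = split_cmdline(cmdline)
    original = None
    if "-m" in args[1:]:                 # args[0] is the image itself
        i = args.index("-m", 1)
        if i + 1 < len(args):
            original = args[i + 1]
    return {"drop_path": image_path, "original_dropper": original}


def find_backoff_artifacts(processes, appdata=r"C:\Users\alice\AppData\Roaming"):
    """Map pid -> finding for every process matching the Backoff drop pattern.
    `appdata` is the profile's %Application Data% path (assumed here)."""
    findings = {}
    for pid, image, cmdline in processes:
        hit = check_process(image, cmdline, appdata)
        if hit:
            findings[pid] = hit
    return findings


if __name__ == "__main__":
    for pid, hit in find_backoff_artifacts(SAMPLE_PROCESSES).items():
        print(pid, hit)
```

    In a real investigation the records would come from a process listing or EDR telemetry for each user profile on the PoS host; the path match alone is enough to raise an alert, and the recovered -m path tells you where the dropper originally landed even though the file is gone.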



    Earlier this year, the Federal Bureau of Investigation disrupted the activities of the Gameover botnet. That disruption had a significant effect on the scale of the ZBOT threat, but the cybercriminals behind it were always likely to respond in some fashion. The use of domain generation algorithms (DGAs) is a key part of Gameover, and new variants like TROJ_ZBOT.YUYAQ have made this tactic even more powerful. How exactly does this variant use the technique? The domains are based on the results of an MD5 hash generated ...

    Posted in Malware



    We spotted a malware that hides all of its malicious code in the Windows Registry. This tactic gives the malware, which Trend Micro detects as TROJ_POWELIKS.A, both stealth and a means of evading file-based detection. When executed, TROJ_POWELIKS.A downloads additional files, so affected systems risk being infected by other malware as well. It can also steal system information, which cybercriminals may use to launch further attacks.

    Evasion Mechanism

    Apart from stealth ...
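    Because the malicious code lives in registry values rather than on disk, file scanning will not find it; the place to look is the autostart keys themselves. The scanner below is an added example, not Trend Micro's code and not a POWELIKS signature (the excerpt does not give the key or value the malware uses). It parses a .reg export and flags Run/RunOnce values that invoke a script host or carry a large base64 blob, two generic indicators of code stored directly in the registry. The export text, value names and the encoded placeholder payload are constructed for the example; the thresholds are assumptions a practitioner would tune.

```python
import base64
import re

# Constructed placeholder payload, UTF-16LE + base64 as PowerShell's -EncodedCommand expects.
_ENC = base64.b64encode(
    "Write-Output 'constructed placeholder payload for the example'".encode("utf-16le")
).decode("ascii")

# Constructed .reg export: one benign autostart entry, two registry-resident script launchers,
# and an unrelated key that must not be flagged.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Users\\alice\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background"
"Java Update"="powershell.exe -NoP -W Hidden -Enc {ENC}"
"Helper"="mshta.exe vbscript:Execute(\"CreateObject(\"\"WScript.Shell\"\").Run \"\"calc\"\"\")"

[HKEY_CURRENT_USER\Software\Contoso\Settings]
"Theme"="dark"
'''.replace("{ENC}", _ENC)

_VALUE = re.compile(r'^(?:"((?:[^"\\]|\\.)*)"|@)=(.*)$')
_STRING = re.compile(r'^"((?:[^"\\]|\\.)*)"$')
# Hypothetical indicator list: interpreters that execute code handed to them on the command line.
_INTERPRETERS = re.compile(r"\b(powershell|pwsh|wscript|cscript|mshta|rundll32)(?:\.exe)?\b", re.I)
_B64_RUN = re.compile(r"[A-Za-z0-9+/]{100,}={0,2}")   # threshold is an assumption
_AUTOSTART = ("\\currentversion\\run", "\\currentversion\\runonce")


def _unescape(s):
    return re.sub(r"\\(.)", r"\1", s)


def parse_reg(text):
    """Yield (key, value_name, string_data) for REG_SZ values in a .reg export.
    hex:/dword: values and their continuation lines are skipped; a fuller tool
    would decode REG_BINARY and REG_EXPAND_SZ payloads too."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = _VALUE.match(line)
        if not m or key is None:
            continue
        name = _unescape(m.group(1)) if m.group(1) is not None else "(Default)"
        s = _STRING.match(m.group(2))
        if s:
            yield key, name, _unescape(s.group(1))


def assess_value(key, name, data):
    """Return the list of reasons an autostart value looks like registry-resident code."""
    reasons = []
    if not key.lower().endswith(_AUTOSTART):
        return reasons
    hosts = sorted({h.lower() for h in _INTERPRETERS.findall(data)})
    if hosts:
        reasons.append("script host: " + ", ".join(hosts))
    blob = _B64_RUN.search(data)
    if blob:
        reasons.append(f"base64 blob ({len(blob.group(0))} chars)")
    if len(data) > 512:                                   # threshold is an assumption
        reasons.append(f"oversized data ({len(data)} chars)")
    return reasons


def scan_reg_export(text):
    """Map 'KEY\\ValueName' -> reasons for every suspicious autostart value."""
    findings = {}
    for key, name, data in parse_reg(text):
        reasons = assess_value(key, name, data)
        if reasons:
            findings[f"{key}\\{name}"] = reasons
    return findings


if __name__ == "__main__":
    for path, reasons in scan_reg_export(SAMPLE_REG).items():
        print(path, "->", "; ".join(reasons))
```

    Run it against `reg export HKCU\Software\Microsoft\Windows\CurrentVersion\Run run.reg` output (and the HKLM equivalents) from a suspect host; anything flagged deserves a look at the full value data, since with this class of malware the value is the payload.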




    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice