    TrendLabs Security Intelligence Blog

    Archive for the ‘Malware’ Category

    We have continuously monitored crypto-ransomware's modifications and evolution since its discovery in late 2013. Though crypto-ransomware is still relatively “new” to the threat landscape, it has already established itself as a formidable threat to unsuspecting users. By definition, crypto-ransomware shares similar routines with CryptoLocker, a refinement of ransomware with file-encryption capabilities. We recently came across two variants of crypto-ransomware, each with a routine or feature not found in other variants. The discovery of these two variants proves that crypto-ransomware is still continuing its ...

    Posted in Malware

    We recently found that the malware family ROVNIX is capable of being distributed via a macro downloader. This malware technique was previously seen in the DRIDEX malware, which was notable for using the same routines. DRIDEX is also known as the successor of the banking malware CRIDEX. Though a fairly old method for infection, cybercriminals realized that using malicious macros works just fine, even against sophisticated defense measures.

    ROVNIX Malware Routines

    Based on our analysis, ROVNIX writes malicious rootkit drivers to an unpartitioned space of the NTFS drive. This effectively ...

    Posted in Malware


    PoS malware has been receiving a tremendous amount of attention in the past two years with high-profile incidents like Target, Home Depot, and Kmart. With the massive "Black Friday" shopping season coming up, PoS malware will surely get additional publicity. This high-profile nature means we constantly look for evolving PoS malware and look into its behavior patterns to better protect our customers and users. In order to be successful, PoS scammers don’t rely only on their malware to attack and exfiltrate victim ...

    Posted in Malware

    Last August, we wrote about POWELIKS's malware routines, which are known for hiding its malicious code in a registry entry as part of its evasion tactics. In the newer samples we spotted, malware detected as TROJ_POWELIKS.B employed a new autostart mechanism and removed users' privileges to view the registry’s content. As a result, users won’t be able to suspect that their systems are already infected by the POWELIKS malware. This new autostart technique is fairly new to the threat landscape, a technique that is not currently covered by Autoruns ...

    Posted in Malware

    In our monitoring of the global threat landscape, we tend to notice that countries are sometimes affiliated with a particular cybercriminal activity. One classic example is Brazil, which is known for its association with banking malware. As we noted in a previous blog entry, “[O]nline banking theft is especially rampant in the country, whose history of hyperinflation has once led to an early adoption of online financial systems and a large online banking community.” However, we felt like something was missing. ...

    Posted in Malware

