Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    January 2015
    S M T W T F S
    « Dec    
     123
    45678910
    11121314151617
    18192021222324
    25262728293031
  • Email Subscription

  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Malware’ Category



    Dec23
    3:18 pm (UTC-7)   |    by

    In recent weeks, a major Korean electric utility has been affected by destructive malware, which was designed to wipe the master boot records (MBRs) of affected systems. It is believed that this MBR wiper arrived at the target systems in part via a vulnerability in the Hangul Word Processor (HWP), a commonly used application in South Korea. A variety of social engineering lures were used to get would-be victims to open these files. Below is a quick overview of the attack ...

    Posted in Malware, Targeted Attacks |



    We often talk about the security risks when dealing with third-party app stores. Previous research has shown that third-party app stores are often a hotbed of malware, specifically, malicious versions of popular apps. Aside from malicious apps, we are now seeing a marked increase of “downloader apps” in these stores, whose primary function is to download other apps that may lead to security risks for mobile users. Downloader Apps Seen in a Third-Party App Store in China Our engineers decided to look at ...

    Posted in Malware, Mobile |



    We recently found a new banking Trojan which targeted several banks in South Korea. This isn’t the first, though: in June last year, we saw that several online banking threats widened their range and targeted South Korean banks using various techniques. Throughout the course of monitoring similar threats, we noticed a new wave of banking Trojans targeting South Korean banks that show unusual behavior, including the use of Pinterest as their command and control (C&C) channel. Infection Via Malicious Iframe Injection This threat is currently affecting users in South Korea via compromised ...

    Posted in Bad Sites, Exploits, Malware |



    We noticed that there has been a spike in infections related to the malware URSNIF. The URSNIF family is known to steal information such as passwords. Spyware are always considered high risk, but these URSNIF variants can cause damage beyond info-stealing. These URSNIF variants are file-infectors—which is the cause of the noted spike in detection counts. Infection Data Based on feedback from the Smart Protection Network, the countries most affected are the United States and the United Kingdom. These two countries comprise nearly 75% ...

    Posted in Malware |



    Last week we wrote about a sudden hike in crypto-ransomware variants across the Europe, the Middle East and Africa (EMEA) region, specifically seen in Spain, France, Turkey, Italy, and the United Kingdom. In this blog post we will discuss another strain of ransomware known as REVETON, which was seen infecting systems in the United States with a new infection method: arriving as a .DLL versus the traditional .EXE. REVETON Making a Comeback (Yet Again)  Over the past few months spanning October up ...

    Posted in Malware |


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice