Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    March 2015
    S M T W T F S
    « Feb    
    1234567
    891011121314
    15161718192021
    22232425262728
    293031  
  • Email Subscription

  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Malware’ Category




    We were recently alerted to reports claiming that the website North Korea's official news service, www.kcna.kp, had been delivering malware via embedded malicious code. One of the photos on the website was found to contain malware, which suggests that this is part of a watering hole attack targeting individuals who visit the website and its other pages. Below is an infection diagram for the malware associated with this attack. Figure 1. Infection diagram The mother file in this attack is detected as PE_WINDEX.A-O. ...

    Posted in Bad Sites, Malware |



    We noticed a recent influx of crypto-ransomware spreading in Australia. This recent wave rings similar to the hike of infections in the Europe/Middle East/Africa (EMEA) region we wrote about in early December. Upon further research and analysis, we concluded that the attackers behind these incidents could possibly belong to the same cybercriminal gang due to the similarity in their IP addresses. Infection Vectors Our analysis shows that the family-based pattern that identified the TorrentLocker malware that hit Australia also identified the outbreaks in Turkey, Italy, and France. We observed that ...

    Posted in Malware |



    We recently reported that the EMEA (Europe-Middle East-Africa) region experienced a surge in ransomware, specifically, crypto-ransomware attacks. It appears that these attacks are no longer limited to that region. Research from Trend Micro engineers shows that the ANZ (Australia-New Zealand) region is the latest to be greatly affected by this type of malware—this time by TorrentLocker ransomware. The Infection Chain Figure 1. Infection diagram for ANZ attacks The malware arrives through emails that pretend to be penal notices from the New South Wales government ...

    Posted in Malware |



    The remote access tool (RAT) HAVEX became the focus of the security industry after it was discovered to have played a major role in a campaign targeting industrial control systems (ICS). While observing HAVEX detections (known by different vendors as Dragonfly, Energetic Bear, and Crouching Yeti), we noticed something interesting. The Dragonfly campaign was previously believed to be compatible with only for 32-bit versions as most mission critical systems would most likely Windows XP, which has since been listed as end of ...




    With the finalization of HTML5 standard by World Wide Web Consortium (W3C) last October, there will be a rapid growth of new HTML5 web apps coming out in the near future. Considering the platform independent characteristic in web apps, we foresee that HTML5 will accelerate the repackaging from web apps to mobile apps for malicious intent. A Quick Overview of HTML5 Android Apps According to our monitoring, the amount of new HTML5-packaged apps coming to the Android platform increased by 200% in ...

    Posted in Malware, Mobile |


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice