Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:


  • Recent Posts

  • Calendar

    March 2015
    S M T W T F S
    « Feb    
    1234567
    891011121314
    15161718192021
    22232425262728
    293031  
  • Email Subscription

  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Malware’ Category




    2014 was a year that was marked with numerous changes in the threat landscape. We saw a lot of improvements in existing malware, either with new evasion techniques or versions. We even saw some old techniques and attacks resurface in the landscape. Evasion Tactics We are seeing more malware incorporate Tor in their routines as a method of evasion. We have seen ZBOT variants include a Tor component to hide the malware’s communication to its command-and-control (C&C) servers. We have also seen ...

    Posted in Malware |



    2014 can be remembered as the year when PoS malware attacks became truly widespread. Many retailers and other businesses became victims of these attacks, which resulted in financial losses and embarrassment for their victims. One can ask: how do these organizations become victims of PoS malware in the first place? Most of the methods used to compromise a system with PoS malware are broadly similar to those used by any other malware. In our paper titled PoS RAM Scraper Malware, we ...

    Posted in Malware |



    Trend Micro has recently reached an important milestone: we have vetted our 500 millionth "good file" towards the end of 2014. This means that we have a strong and vast repository of files to competently decide whether any given file is non-malicious or otherwise. Securing Single-Purpose Systems Whitelisting is increasingly being seen as a key component of modern solutions to dealing with today's threat landscape. Recent attacks on PLCs (ICS/SCADA) and PoS systems demonstrate how effective locking down systems (enabled via application control) can ...

    Posted in Malware, Targeted Attacks |



    Last year we saw how the Windows PowerShell® command shell was involved in spreading ROVNIX via malicious macro downloaders. Though the attack seen in November did not directly abuse the PowerShell feature, we're now seeing the banking malware VAWTRAK abuse this Windows feature, while also employing malicious macros in Microsoft Word. The banking malware VAWTRAK is involved with stealing online banking information. Some of the targeted banks include Bank of America, Barclays, Citibank, HSBC, Lloyd’s Bank, and J.P. Morgan. Other variants seen ...

    Posted in Malware | 1 TrackBack »



    Last year, we detected some new PoS malware just before the holiday season.  At that time, we omitted mentioning one fact - that the file was digitally signed with a valid certificate. Our research shows that these attacks targeting PoS malware are growing in sophistication, with code signing and improved encryption becoming more commonplace. We were also able to connect this PoS malware to the group involved with the Anunak malware—which is related to the Carbanak gang as posted by our colleagues over ...



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice