• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Archives for March 2018

ChessMaster Adds Updated Tools to Its Arsenal

  • Posted on:March 29, 2018 at 5:00 am
  • Posted in:Targeted Attacks
  • Author:
    Trend Micro
0

In this blog post, we analyze ChessMaster’s current status, including the updated tools in its arsenal — with a particular focus on the evolution of ANEL and how it is used in the campaign.

Read More
Tags: ChessMasterManaged Detection and Responsetargeted attacks

Monero-Mining HiddenMiner Android Malware Can Potentially Cause Device Failure

  • Posted on:March 28, 2018 at 5:01 am
  • Posted in:Mobile
  • Author:
    Lorin Wu (Mobile Threats Analyst)
0

We uncovered a new Android malware that can surreptitiously use the infected device’s computing power to mine Monero. Trend Micro detects this as ANDROIDOS_HIDDENMINER. This Monero-mining Android app’s self-protection and persistence mechanisms include hiding itself from the unwitting user and abusing the Device Administrator feature (a technique typically seen in SLocker Android ransomware).

Read More
Tags: androidcryptocurrency minerHiddenMinerMonero

A Closer Look at Unpopular Software Downloads and the Risks They Pose to Organizations

  • Posted on:March 27, 2018 at 5:01 am
  • Posted in:Malware
  • Author:
    Marco Balduzzi (Senior Threat Researcher)
0

As a large cyber security vendor, Trend Micro deals with millions of threat data per day. Our Smart Protection Network (SPN), among other technologies, helps us conduct research and investigate new threats and cybercrimes to improve our ability to protect our customers.

In this blog post, the first of a three-part series, I would like to share some insights on trends that we have observed in the wild after analyzing 3 million software downloads, involving hundreds of thousands of internet-connected machines.

Specifically, we turn our focus on web downloads originating from browsers or any other (HTTP) client application installed on a machine. Note that we limited the study to machines that execute software after download. Given the huge quantity of data, we also limited our research to unpopular software downloaded from URLs that were not whitelisted. This automatically excludes software from Windows Updates and other well-known domains. All this information is PII anonymized.

We classify these downloads as benign (legitimate software), malicious or unknown. Unknown means that the downloaded software is currently unknown to us or to other public data sources that we monitor.

Read More
Tags: benign softwareMalwaresoftware downloadsunknown files

Cluster of Coins: How Machine Learning Detects Cryptocurrency-mining Malware

  • Posted on:March 26, 2018 at 5:00 am
  • Posted in:Malware
  • Author:
    Trend Micro
0

As new trends and developments in the malicious mining of cryptocurrency emerge, a smart and sustainable way of detecting these types of threats is swiftly becoming a cybersecurity necessity. By using Trend Micro Locality Sensitive Hashing (TLSH), a machine learning hash that is capable of identifying similar files, we were able to group together similar cryptocurrency-mining samples gathered from the wild. By grouping together samples based on their behavior and file types, detection of similar or modified malware becomes possible.

Read More
Tags: cryptocurrencymachine learning

Pop-up Ads and Over a Hundred Sites are Helping Distribute Botnets, Cryptocurrency Miners and Ransomware

  • Posted on:March 22, 2018 at 7:00 am
  • Posted in:Bad Sites
  • Author:
    Joseph C Chen (Fraud Researcher)
0

The Trend Micro Cyber Safety Solutions team has been tracking a potentially unwanted app (PUA) distribution campaign that installs PUA software downloaders. During our research, we found that some of these distributors started pushing malware along with PUAs in late 2017. In this post we focus on one of the older PUA software downloaders called ICLoader (also called FusionCore and detected by Trend Micro as PUA_ICLOADER). Different reports identified it as a PUA software downloader because it installed adware or unwanted software.

Read More
Tags: botnetcryptocurrency minerPUAransomware
Page 1 of 212

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.