
Fernando Mercês (Senior Threat Researcher)

Senior Threat Researcher

Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902

  • Posted on: July 28, 2020
  • Posted in: Botnets, Exploits, Vulnerabilities
  • Posted by: Fernando Mercês (Senior Threat Researcher)

We found an internet of things (IoT) Mirai botnet downloader exploiting CVE-2020-5902 in the wild, two weeks after the vulnerability received a 10 out of 10 CVSS rating in its disclosure. Our analysis of the variant shows that it can also abuse nine other recently discovered security bugs in other devices.

Tags: botnet, CVE-2020-5902, Exploit, F5 Big-IP, internet of things, IOT, Mirai, sora, vulnerability

Grouping Linux IoT Malware Samples With Trend Micro ELF Hash

  • Posted on: April 20, 2020
  • Posted in: Internet of Things, Open source
  • Posted by: Fernando Mercês (Senior Threat Researcher)

We created Trend Micro ELF Hash (telfhash), an open-source clustering algorithm that effectively clusters Linux IoT malware created using ELF files.

Tags: Clustering algorithm, internet of things, Linux malware

A Quick and Efficient Method For Locating the main() function of Linux ELF Malware Variants

  • Posted on: July 2, 2019
  • Posted in: Malware
  • Posted by: Fernando Mercês (Senior Threat Researcher)

In the past few years, Linux systems have been susceptible to attacks involving ransomware, cryptocurrency miners, botnets and other types of malware. The successful deployment of the said attacks refutes an old notion that machines and devices that run Linux are less likely to be affected by malware.

To come up with effective countermeasures, we constantly work on developing methods to address attacks against Linux systems, for example, by looking for ways to conduct quick and efficient analysis of malware samples that leads to their eventual detection and blocking. One of these methods involves reverse engineering files to locate the address of the main() function, which usually contains code that malware authors craft to start malicious routines.

Tags: ELF malware, Linux, main() function, reverse engineering

Malware Targeting Bitcoin ATMs Pops Up in the Underground

  • Posted on: August 7, 2018
  • Posted in: Deep Web, Malware
  • Posted by: Fernando Mercês (Senior Threat Researcher)

With the increasing popularity and real-world use of cryptocurrencies and the fact that cybercriminals will always try to exploit something that can make money for them, it shouldn’t come as a surprise that malware targeting Bitcoin ATMs has started appearing in underground markets.

Tags: Bitcoin ATM, Malware, underground

New KillDisk Variant Hits Latin American Financial Organizations Again

  • Posted on: June 7, 2018
  • Posted in: Malware
  • Posted by: Fernando Mercês (Senior Threat Researcher)

In January, we saw a variant of the disk-wiping KillDisk malware hitting several financial institutions in Latin America. One of these attacks was related to a foiled heist on the organization’s system connected to the Society for Worldwide Interbank Financial Telecommunication’s (SWIFT) network.

Last May, we uncovered a master boot record (MBR)-wiping malware in the same region. The telltale sign was a problem related to the affected machine’s boot sector. Based on the error message it displayed after our tests, we were able to ascertain that this was another — possibly new — variant of KillDisk. This kind of notification is common in systems affected by MBR-wiping threats and not in other malware types such as ransomware, which some people initially believed to be the culprit. Trend Micro products detect this threat as TROJ_KILLMBR.EE and TROJ_KILLDISK.IUE.

Tags: Killdisk, Latin America, MBR Wiper