• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Malware

New Magecart Attack Delivered Through Compromised Advertising Supply Chain
  • Posted on:January 16, 2019 at 5:00 am
  • Posted in:Malware, Social
  • Author:
    Trend Micro Cyber Safety Solutions Team
0

On January 1, we detected a significant increase in activity from one of the web skimmer groups we’ve been tracking. During this time, we found their malicious skimming code (detected by Trend Micro as JS_OBFUS.C.) loaded on 277 e-commerce websites providing ticketing, touring, and flight booking services as well as self-hosted shopping cart websites from prominent cosmetic, healthcare, and apparel brands. Trend Micro’s machine learning and behavioral detection technologies proactively blocked the malicious code at the time of discovery (detected as Downloader.JS.TRX.XXJSE9EFF010).

The activities are unusual, as the group is known for injecting code into a few compromised e-commerce websites then keeping a low profile during our monitoring. Further research into these activities revealed that the skimming code was not directly injected into e-commerce websites, but to a third-party JavaScript library by Adverline, a French online advertising company, which we immediately contacted.

Read More
Tags: Code InjectionMagecartOnline Skimming

Adware Disguised as Game, TV, Remote Control Apps Infect 9 Million Google Play Users
  • Posted on:January 8, 2019 at 4:50 am
  • Posted in:Malware, Mobile
  • Author:
    Trend Micro
0

We recently discovered an active adware family (detected by Trend Micro as AndroidOS_HidenAd) disguised as 85 game, TV, and remote control simulator apps on the Google Play store. This adware is capable of displaying full-screen ads, hiding itself, monitoring a device’s screen unlocking functionality, and running in the mobile device’s background. The 85 fake apps have been downloaded a total of 9 million times around the world.

Read More
Tags: adwaregoogle play

With Mirai Comes Miori: IoT Botnet Delivered via ThinkPHP Remote Code Execution Exploit
  • Posted on:December 20, 2018 at 4:55 am
  • Posted in:Exploits, Internet of Things, Malware
  • Author:
    Trend Micro
0

We analyzed another Mirai variant called “Miori,” which is being spread through a Remote Code Execution (RCE) vulnerability in the PHP framework, ThinkPHP. Aside from Miori, several known Mirai variants like IZ1H9 and APEP were also spotted using the same RCE exploit for their arrival method. The aforementioned variants all use factory default credentials via Telnet to brute force their way in and spread to other devices.

Read More
Tags: mioriMiraithinkphpVulnerabilities

Android Wallpaper Apps Found Running Ad Fraud Scheme
  • Posted on:December 19, 2018 at 4:47 am
  • Posted in:Malware, Mobile
  • Author:
    Trend Micro
0

Analyzed 15 malicious wallpaper apps we found on Google Play Store running click ad fraud schemes. The apps recorded over 200,000 downloads worldwide — our telemetry shows infection to be the highest in some countries in Europe, the US, and Asia — before they were removed.

Read More
Tags: androidGoogle

URSNIF, EMOTET, DRIDEX and BitPaymer Gangs Linked by a Similar Loader
  • Posted on:December 18, 2018 at 4:51 am
  • Posted in:Botnets, Malware
  • Author:
    Trend Micro
0

We analyzed samples of EMOTET, URSNIF, DRIDEX and BitPaymer and found similar payload loaders and internal data structures, possibly implying that these different groups are familiar with and are working closely together.

Read More
Tags: BitPaymerDRIDEXEMOTETURSNIF
Page 1 of 27512 › »

Security Predictions for 2019

  • Our security predictions for 2019 are based on our experts’ analysis of the progress of current and emerging technologies, user behavior, and market trends, and their impact on the threat landscape. We have categorized them according to the main areas that are likely to be affected, given the sprawling nature of the technological and sociopolitical changes under consideration.
    Read our security predictions for 2019.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • New Magecart Attack Delivered Through Compromised Advertising Supply Chain
  • Adware Disguised as Game, TV, Remote Control Apps Infect 9 Million Google Play Users
  • January Patch Tuesday: First Bulletin of 2019 has Fixes for DHCP and Microsoft Exchange Vulnerabilities
  • Machine-to-Machine (M2M) Technology Design Issues and Implementation Vulnerabilities
  • Google Play Apps Drop Anubis Banking Malware, Use Motion-based Evasion Tactics

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.