    TrendLabs Security Intelligence Blog

    Archive for the ‘Malware’ Category




    While we encounter a wide variety of threats on a regular basis, sometimes we come across those that are truly unusual. This is one of them: it appears to be a PHP backdoor delivered via spammed emails. At first glance, this threat appears to be a fairly typical malicious spam email: it pretends to be a notification from Visa that the user's card has been suspended.

    Figure 1. Fake email notification

    The body of the email itself appears to be blank. Neither a malicious ...

    Posted in Malware, Spam



    Recently, other researchers reported that a new Android malware family (detected as ANDROIDOS_KAGECOIN.HBT) had cryptocurrency mining capabilities. Based on our analysis, we have found that this malware is involved in mining various digital currencies, including Bitcoin, Litecoin, and Dogecoin. This has real consequences for users: shorter battery life and increased wear and tear, all of which could lead to a shorter device lifespan. The researchers originally found ANDROIDOS_KAGECOIN as repacked copies of popular apps such as Football Manager Handheld and TuneIn Radio. The apps ...




    CryptoLocker and other such ransomware threats have been a significant problem for some time now, but recently we've seen a new addition to the ransomware scene. This new threat, which calls itself BitCrypt, adds a unique angle to ransomware: it steals funds from various cryptocurrency wallets as well. We have identified two distinct variants of this threat. The first variant, TROJ_CRIBIT.A, appends ".bitcrypt" to any encrypted files and uses an English-only ransom note. The second variant, TROJ_CRIBIT.B, appends ".bitcrypt 2" and ...




    Last week, in the previous part of this post, we went over the behavior of Control Panel (CPL) malware before the actual infection. In this second part, we go over what happens after the malware has reached a system. (Note: much of this analysis was carried out with Deep Discovery Advisor, so some of the screenshots will have been taken from this product.) This particular CPL malware (detected as TROJ_BANLOAD.ZAA) appears to be targeted at Windows 7 users - specifically, those using ...

    Posted in Malware, Spam



    We recently came across this particular post in an underground forum:

    Figure 1. Underground forum post

    This particular post in Russian was advertising a new product, known as "BlackOS". Contrary to the name, it is not an operating system. However, it is definitely "black", or malicious: it is used to manage and redirect Internet traffic from malicious/compromised websites to other malicious sites. These types of products are not new in underground communities - for example, Brian Krebs talked about the similar iFrameservice.net site ...

    Posted in Bad Sites, Malware


     

    © Copyright 2013 Trend Micro Inc. All rights reserved.