Targeted attacks are difficult to detect and mitigate by nature. We recently uncovered a targeted attack campaign we dubbed as “ANTIFULAI” that targets both government agencies and private industries in Japan. In our 2H 2013 Targeted Attack Trends report, we found that 80% of the analyzed cases of targeted attacks hit government institutions.
Like many targeted attacks, ANTIFULAI uses several emails as entry vectors to get the attention of its would-be targets. In this particular case, the detected email posed as a job application inquiry ...
Every now and then, we get questions about password crackers. Usually, these questions are something like, why do you detect these password crackers? They're not malicious! Well, now is as as good a time as any to address the topic.
Obviously, password-cracking programs are not terribly malicious. Unless they have been trojanized or manipulated somehow, they just... crack passwords. Usually, given a password-protected file, they try different possibilities to recover that pesky password you forgot. I'm the first to admit that even though it ...
Earlier this week, the Federal Bureau of Investigation announced that an international effort had disrupted the activities of the peer-to-peer (P2P) variant of ZeuS/ZBOT known as “Gameover.” Trend Micro was one of the parties that was involved in this effort to disrupt the activities of this well-known online banking Trojan.
Gameover is well-known for its resilience to takedowns. This is due to its peer-to-peer connection to its command and control (C&C) server as compared to other ZeuS variants (such as IceIX, Citadel and KINS) that employed ...
In its recent report, National Police Agency mentioned that the current estimated total cost of unauthorized transactions suffered by Japanese users reached 1.417 billion yen during the period of January-May 2014. In comparison the estimated total damage cost from these kinds of threats was 1.406 billion yen in 2013.
Data released by Japanese Bankers Association also gives similar alarming statistics: 21 cases of online banking theft occurred in Q1 2014 compared to 14 cases for the whole of 2013. The damage cost in ...
We highlighted in our quarterly threat roundup how various ransomware variants and other similar threats like CryptoLocker that now perform additional routines such as using different languages in their warning and stealing funds from cryptocurrency wallets. The addition of mobile ransomware highlights how these threats are continuously improved over time.
We recently encountered another variant that used the Windows PowerShell feature in order to encrypt files. This variant is detected as TROJ_POSHCODER.A. Typically, cybercriminals and threat actors have used Windows Powershell to go undetected on ...
