BlueBorne is a set of vulnerabilities affecting the implementation of Bluetooth in iOS, Android, Linux, Windows and Mac OS* devices. According to the researchers who uncovered them, BlueBorne affects around 5.3 billion Bluetooth-enabled devices. The immediate mitigation for BlueBorne is to patch the device, if there’s any available, or to switch off the device’s Bluetooth connection if not needed.Read More
The mobile threat landscape isn’t just rife with information stealers and rooting malware. There’s also mobile ransomware. While it seems they’re not as mature as their desktop counterparts, what with the likes of WannaCry and Petya, the increasing usage of mobile devices, particularly by businesses, will naturally draw more cybercriminal attention to this type of threat.
Take for instance mobile ransomware on the Android platform. The variants we detected and analyzed during the fourth quarter of last year were thrice as many compared to the same period in 2015. And indeed, the surge is staggering. We already had over 235,000 detections for Android mobile ransomware in the first half of 2017 alone—that’s 181% of detections for all of 2016.Read More
Since first writing about the discovery of HDDCryptor back in September, we have been tracking this ransomware closely as it has evolved. Last week, a new version was spotted in the wild, and based on our analysis, we believe that this variant is the one used in a recent attack against San Francisco Municipal Transport Agency (SFMTA).Read More
They say imitation is the sincerest form of flattery. Take the case of CrypMIC—detected by Trend Micro as RANSOM_CRYPMIC—a new ransomware family that mimics CryptXXX in terms of entry point, ransom notes and payment site UIs. CrypMIC’s perpetrators are possibly looking for a quick buck owing to the recent success of CryptXXX.Read More
We recently came across a variant of the BIFROSE malware that has been rewritten for UNIX and UNIX-like systems. This is the latest tool developed by attackers behind operation Shrouded Crossbow, which have produced other BIFROSE variants such as KIVARS and KIVARS x64. UNIX-based operating systems are widely used in servers, workstations, and even mobile devices. With a lot of highly confidential data found in these servers and devices, a UNIX version of BIFROSE can certainly be classified as a threat.Read More