We analyzed a fileless banking trojan targeting three major banks in Brazil and their customers, downloading info stealers, keyloggers and a hack tool. Infected machines can be used for a botnet and mass mailed targeted attacks, and our telemetry recorded the highest infection attempts from Brazil and Taiwan.Read More
We found a new Mirai variant we’ve called Yowai and Gafgyt variant Hakai abusing a ThinkPHP flaw for propagation and DDoS attacks.Read More
Several apps on Google Play posing as legitimate voice messenger platforms have automated functions such as fake survey pop-ups and fraudulent ad clicks. Observed variants were deployed one by one since October, with its evolution including evasive techniques and its infection behavior divided into several stages, as well as botnet codes possibly indicative of future attacks.Read More
Our findings homed in on known vulnerabilities, IoT botnets with top vulnerability detections, and devices that are affected.
From April 1 to May 15, we observed that 30 percent of home networks had at least one vulnerability detection. A detection would mean that we found at least one connected device being accessed through a vulnerability in the network. Our scanning covered different operating systems (OSs), including Linux, Mac, Windows, Android, iOS, and other software development kit (SDK) platforms.
We recently found similar Mirai-like scanning activity from Mexico with some being done via the exploitation of CVE-2018-10561 and CVE-2018-10562, two vulnerabilities that are specific to Gigabit Passive Optical Network (GPON)-based home routers.Read More