• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   NECURS

Necurs Evolves to Evade Spam Detection via Internet Shortcut File
  • Posted on:April 26, 2018 at 6:00 am
  • Posted in:Malware, Spam
  • Author:
    Trend Micro
0

Necurs, a botnet malware that’s been around since 2012, has been improved with the hopes of better defeating cybersecurity measures — it was seen to evolve its second layer of infection using a .URL file (with remote script downloaders detected by Trend Micro as MAL_CERBER-JS03D, MAL_NEMUCOD-JS21B, VBS_SCARAB.SMJS02, and MAL_SCARAB-VBS30.

Necurs, a modular malware with variants that are capable of spam distribution, information theft, and disabling security services and elements, has been in around since 2012, propagating in the wild via the Necurs botnet.

Read More
Tags: NECURSQUANTLOADER

ZBOT-UPATRE Far From Game Over, Uses Random Headers
  • Posted on:June 23, 2014 at 1:25 am
  • Posted in:Bad Sites, Botnets, Malware
  • Author:
    Jaaziel Carlos (Threat Response Engineer)
0

TROJ_UPATRE, the most common malware threat distributed via spam, is known for downloading encrypted Gameover ZeuS onto affected systems. This ZeuS variant, in turn, is known for its use of peer-to-peer connections to its command-and-contol (C&C) servers.  This behavior has been known about since October 2013. We have observed that these specific ZeuS variants are now…

Read More
Tags: C&C servercryptolockercybercriminalsdecryptionencryptiongameoverGoZ malwareMalwareNECURSUPATREXOR keyZBOTZeuSZZP0

Social Engineering Watch: UPATRE Malware Abuses Dropbox Links
  • Posted on:June 9, 2014 at 4:56 pm
  • Posted in:Malware, Spam
  • Author:
    Maria Manly (Anti-spam Research Engineer)
0

Threats like UPATRE are continuously evolving as seen in the development of the techniques used so as to bypass security solutions. UPATRE malware are known downloaders of information stealers like ZeuS that typically spread via email attachments. We recently spotted several spam runs that use the popular file hosting service Dropbox. These use embedded links lead to…

Read More
Tags: Canadian pharmacycybercrimeDropboxinformation stealerNECURSrootkitSpamspam mailsUPATREZBOTZeuS

UPATRE Ups the Ante With Attachment Inside An Attachment
  • Posted on:April 4, 2014 at 1:21 am
  • Posted in:Malware, Spam
  • Author:
    Marilyn Melliang (Senior Threat Research Engineer)
1

In 2013, the malware UPATRE was noted as one of the top malware seen attached to spammed messages. The malware was also notorious for downloading other malware, including ZeuS and ransomware, particularly its more sophisticated form, Cryptolocker. This was enough reason to believe that the UPATRE threat is constantly advancing its techniques–this time, by using…

Read More
Tags: MalwareNECURSrootkitSpamUPATREZBOT

Security Predictions for 2018

  • Attackers are banking on network vulnerabilities and inherent weaknesses to facilitate massive malware attacks, IoT hacks, and operational disruptions. The ever-shifting threats and increasingly expanding attack surface will challenge users and enterprises to catch up with their security.
    Read our security predictions for 2018.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Malicious Edge and Chrome Extension Used to Deliver Backdoor
  • Confucius Update: New Tools and Techniques, Further Connections with Patchwork
  • GPON Vulnerabilities Exploited for Mexico-based Mirai-like Scanning Activities
  • Malicious Traffic in Port 7001 Surges as Cryptominers Target Patched 2017 Oracle WebLogic Vulnerability
  • Legitimate Application AnyDesk Bundled with New Ransomware Variant

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.