• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   petya

Digital Extortion: A Forward-looking View
  • Posted on:January 30, 2018 at 5:02 am
  • Posted in:Malware, Ransomware
  • Author:
    David Sancho (Senior Threat Researcher)
0

In 2017, we saw digital extortion increasingly become cybercriminals’ first and foremost money-making modus operandi. It’s mostly due to ransomware — cybercriminals’ currently most popular weapon of choice, helping them in extorting cash from users all over the world and in hitting big businesses and organizations.

By infecting business-critical systems through their shotgun-style ransomware attacks and thus crippling enterprise day-to-day operations, cybercriminals managed to force big companies to bend to their will. Digital extortion has become the most successful moneymaking venture for cybercriminals, and the most effective in terms of the scale of their victims. Big or small, everyone gets hit, and everyone has to pay.

Read More
Tags: Digital ExtortionErebusOnline BlackmailpetyaWannaCry

Large-Scale Petya Ransomware Attack In Progress, Hits Europe Hard
  • Posted on:June 27, 2017 at 12:37 pm
  • Posted in:Malware, Ransomware
  • Author:
    Trend Micro
0

A large-scale ransomware attack reported to be caused by a variant of the Petya ransomware is currently hitting various users, particularly in Europe. This variant, which Trend Micro already detects as RANSOM_PETYA.SMA, is known to use both the EternalBlue exploit and the PsExec tool as infection vectors.

Read More
Tags: EternalBluepetyaransomwareWannaCry

Recent Spam Runs in Germany Show How Threats Intend to Stay in the Game
  • Posted on:December 29, 2016 at 11:20 pm
  • Posted in:Malware, Ransomware, Spam
  • Author:
    Trend Micro
0

In early December, GoldenEye ransomware  (detected by Trend Micro as RANSOM_GOLDENEYE.A) was observed targeting German-speaking users—particularly those belonging to the human resource department. GoldenEye, a relabeled version of the Petya (RANSOM_PETYA) and Mischa (RANSOM_MISCHA) ransomware combo, not only kept to the James Bond theme of its earlier iteration, but also its attack vector.

Given ransomware’s likely outlook to reach a plateau, persistence in the threat landscape and diversification of target victims are the names of the game. GoldenEye exemplifies bad guys trying to gain scale, leverage, and profit with rehashed malware.

Read More
Tags: CERBERDRIDEXEMOTETGoldenEyeMischapetyaSharikZBOT

Why Ransomware Works: Arrival Tactics
  • Posted on:June 27, 2016 at 7:42 am
  • Posted in:Bad Sites, Malware, Ransomware, Spam
  • Author:
    Trend Micro
0

Apart from understanding the ransomware tactics and techniques beyond encryption, it is equally important to understand how they arrive in the environment. Our recent analysis reveals that majority of ransomware families can be stopped at the exposure layer—web and email. In fact, Trend Micro has blocked more than 66 million ransomware-related spam, malicious URLs, and threats from January to May 2016.

Read More
Tags: Angler Exploit KitCERBERcrypto-ransomwareCryptXXXexploit kitsLockyNeutrino exploit kitpetyarig exploit kitTeslacryptTorrentLocker

Why Ransomware Works: Tactics and Routines Beyond Encryption
  • Posted on:June 16, 2016 at 5:00 am
  • Posted in:Malware, Ransomware
  • Author:
    Trend Micro
0

How do companies regardless of size and industry prepare for ransomware attacks? A recent study revealed that businesses are considering saving up Bitcoins, just in case they get hit by these threats and can recover their confidential files in a short span of time. While we don’t recommend succumbing to the ransom payment as it doesn’t guarantee that you’ll get your files back plus you’ll be prone to more ransomware attacks, we can’t also blame these large organizations and businesses for doing so.

Read More
Tags: crypto-ransomwareCryptXXXCRYPWALLpetyaPowerWareransomwareSAMSAMTeslacryptZCRYPT
Page 1 of 212

Security Predictions for 2018

  • Attackers are banking on network vulnerabilities and inherent weaknesses to facilitate massive malware attacks, IoT hacks, and operational disruptions. The ever-shifting threats and increasingly expanding attack surface will challenge users and enterprises to catch up with their security.
    Read our security predictions for 2018.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Viro Botnet Ransomware Breaks Through
  • New CVE-2018-8373 Exploit Spotted
  • Use-after-free (UAF) Vulnerability CVE-2018-8373 in VBScript Engine Affects Internet Explorer to Run Shellcode
  • A Closer Look at the Locky Poser, PyLocky Ransomware
  • Stolen Data from Chinese Hotel Chain and Other Illicit Products Sold in Deep Web Forum

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.