• Trend Micro
  • About TrendLabs Security Intelligence Blog

MIRCOP Crypto-Ransomware Channels Guy Fawkes, Claims To Be The Victim Instead

  • Posted on: June 24, 2016 at 2:00 am
  • Posted in: Ransomware, Spam
  • Author: Jaaziel Carlos (Threat Response Engineer)

Ransomware behavior has been the talk of the town. We have seen oddly long ransom payment deadlines from GOOPIC, password-stealing capabilities from RAA, and chat support from the latest JIGSAW variant, and these are just the incidents discovered this June. But among these new behaviors, we came across a truly unique one in MIRCOP crypto-ransomware.

Detected as RANSOM_MIRCOP.A, MIRCOP places the blame on users and does not give victims instructions on how to pay the ransom. In fact, it assumes that victims already know how to pay them back.

Tags: crypto-ransomware, macro malware, Powershell

New FAREIT Strain Abuses PowerShell

  • Posted on: April 25, 2016 at 1:24 am
  • Posted in: Malware, Spam
  • Author: Trend Micro

In 2014, we began seeing attacks that abused Windows PowerShell. Back then, it was uncommon for malware to use this particular feature of Windows. However, there are several reasons for an attacker to use this scripting technique.

For one, users cannot easily spot any malicious behavior since PowerShell runs in the background. Another is that PowerShell can be used to steal usernames, passwords, and other system information without an executable file being present. This makes it an attractive tool for attackers to carry out malicious activities while avoiding easy detection.

Tags: FAREIT, macro malware, Powershell, Windows Powershell

Black Magic: Windows PowerShell Used Again in New Attack

  • Posted on: May 29, 2014 at 9:50 am
  • Posted in: Malware, Targeted Attacks
  • Author: Maersk Menrige (Threats Analyst)

The Windows PowerShell® command line is a valuable Windows administration tool designed especially for system administration. It combines the speed of the command line with the flexibility of a scripting language, making it helpful for IT professionals to automate administration of the Windows OS and its applications. Unfortunately, threat actors have recently taken advantage of…

Tags: APT, CRIGENT, plugX, Powershell, Taidoor, Targeted Attack, targeted email, Windows, Windows Powershell, Windows XP

Word and Excel Files Infected Using Windows PowerShell

  • Posted on: March 27, 2014 at 1:16 pm
  • Posted in: Malware
  • Author: Alvin John Nieto (Threat Response Engineer)

Malware targeting Word and Excel files has been around for some time, but we recently encountered a new malware family, CRIGENT (also known as “Power Worm”), which brings several new techniques to the table. (We detect these files as W97M_CRIGENT.A and X97M_CRIGENT.A.) Most significantly, instead of creating or including executable code, CRIGENT uses the Windows PowerShell…

Tags: CRIGENT, Malware, Microsoft Excel, Microsoft Word, Powershell
  • Copyright © Trend Micro Incorporated. All rights reserved.