• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   ransomware

Ransomware as a Service Princess Evolution Looking for Affiliates
  • Posted on:August 9, 2018 at 6:01 am
  • Posted in:Bad Sites, Malware, Ransomware
  • Author:
    Joseph C Chen (Fraud Researcher)
0

We have been observing a malvertising campaign via Rig exploit kit delivering a cryptocurrency-mining malware and the GandCrab ransomware since July 25. On August 1, we found Rig’s traffic stream dropping a then-unknown ransomware. Delving into this seemingly new ransomware, we checked its ransom payment page in the Tor network and saw it was called Princess Evolution (detected by Trend Micro as RANSOM_PRINCESSLOCKER.B), and was actually a new version of the Princess Locker ransomware that emerged in 2016. Based on its recent advertisement in underground forums, it appears that its operators are peddling Princess Evolution as a ransomware as a service (RaaS) and are looking for affiliates.

Read More
Tags: Princess Evolutionransomwarerig exploit kit

The Need for Managed Detection and Response: Persistent and Prevalent Threats in North America’s Security Landscape
  • Posted on:July 31, 2018 at 4:59 am
  • Posted in:Malware
  • Author:
    Trend Micro Cyber Safety Solutions Team
0

Current data on the threat landscape of North America shows the need for a comprehensive and proactive approach to security. A traditional approach would be to build a threat response team. However, to be effective against current threats, a threat response team needs to have a considerable amount of skills, time, and resources, which may not be feasible for some organizations. This is only exacerbated by the daily tasks associated with keeping the business up and running. If treated as just a part of the broader job of regular IT staff, threat management can prove overwhelming, as it includes vulnerability assessment, patching, firmware upgrades, vendor management, intrusion detection and prevention systems (IDS/IPS) and firewall monitoring, and other specialized focus areas. And even if enterprises were willing to allot people to react to security incidents, the sheer volume of events and the time-consuming tasks of prioritizing and analyzing them often prove too much to handle.

These could be handled better by security professionals especially focused on threats — an advantage that managed detection and response (MDR) can bring to organizations. MDR provides advanced threat hunting services, faster alert prioritization, root cause analysis, detailed research, and a remediation plan that empowers organizations with better ability to respond to sophisticated attacks, examples of which have been found throughout North America for the second quarter of 2018.

Read More
Tags: cryptocurrency minerinformation stealerManaged Detection and ResponseNorth Americaransomware

North American Malware Trends: Taking a Proactive Approach to Modern Threats
  • Posted on:June 19, 2018 at 5:09 am
  • Posted in:Malware
  • Author:
    Trend Micro Cyber Safety Solutions Team
0

To help IT teams decide where their points of focus should be to create an effective security strategy, we took a look at data in North America in the first quarter of 2018 to determine the trends in the threat landscape and paint a picture of the main types of threats that both individuals and organizations face today.

Read More
Tags: cryptocurrency minerinformation theftManaged Detection and ResponseMDRNABUransomwarethreats

Ransomware XIAOBA Repurposed as File Infector and Cryptocurrency Miner
  • Posted on:April 17, 2018 at 6:39 am
  • Posted in:Malware
  • Author:
    Trend Micro
0

Currently, cryptocurrency miners are heavily used by malware—we’ve seen miners injected onto ad platforms, on popular mobile devices, and servers. Malware creators change payloads to maximize their chances to make a profit, and in this volatile cryptocurrency landscape, they seem committed to integrating miners into their arsenal. We are now also seeing binary infectors using miners to suit their needs.

Read More
Tags: cryptocurrency minerransomware

Pop-up Ads and Over a Hundred Sites are Helping Distribute Botnets, Cryptocurrency Miners and Ransomware
  • Posted on:March 22, 2018 at 7:00 am
  • Posted in:Bad Sites
  • Author:
    Joseph C Chen (Fraud Researcher)
0

The Trend Micro Cyber Safety Solutions team has been tracking a potentially unwanted app (PUA) distribution campaign that installs PUA software downloaders. During our research, we found that some of these distributors started pushing malware along with PUAs in late 2017. In this post we focus on one of the older PUA software downloaders called ICLoader (also called FusionCore and detected by Trend Micro as PUA_ICLOADER). Different reports identified it as a PUA software downloader because it installed adware or unwanted software.

Read More
Tags: botnetcryptocurrency minerPUAransomware
Page 1 of 1712 › »

Security Predictions for 2018

  • Attackers are banking on network vulnerabilities and inherent weaknesses to facilitate massive malware attacks, IoT hacks, and operational disruptions. The ever-shifting threats and increasingly expanding attack surface will challenge users and enterprises to catch up with their security.
    Read our security predictions for 2018.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • The Need for Managed Detection and Response: Persistent and Prevalent Threats in North America’s Security Landscape
  • New Underminer Exploit Kit Delivers Bootkit and Cryptocurrency-mining Malware with Encrypted TCP Tunnel
  • How Machine Learning Can Help Identify Web Defacement Campaigns
  • Malware Targeting Bitcoin ATMs Pops Up in the Underground
  • Ransomware as a Service Princess Evolution Looking for Affiliates

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.