Ensiko is a PHP web shell with ransomware capabilities that targets various platforms such as Linux, Windows, macOS, or any other platform that has PHP installed. The malware has the capability to remotely control the system and accept commands to perform malicious activities on the infected machine.
Read More
This entry is about ThiefQuest, the newly discovered malware targeting macOS. We discuss the differences between the old and new versions of the malware. Related findings include new functions as well as unusual observations in VirusTotal
Read More
Ransomware in itself poses a formidable threat for organizations. As a fileless threat, the risk is increased as it can more effectively evade detection. We discuss how Netwalker ransomware is deployed filelessly through reflective DLL injection.
Read More Trend Micro recently found new samples of Dharma ransomware using a new technique: using software installation as a distraction to help hide malicious activities.
Read More Ransomware may have experienced a decline in 2018, but it seems to be getting back on track — only this time, attacks are looking to be more targeted. Coming on the heels of news about a ransomware attack against a U.S. beverage company which addressed the company by name in the ransom note, this blog post looks into a BitPaymer ransomware variant (detected by Trend Micro as Ransom.Win32.BITPAYMER.TGACAJ) that hit a U.S. manufacturing company.
Read More