• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   RDP

Outlaw Group Distributes Botnet for Cryptocurrency-Mining, Scanning, and Brute-Force

  • Posted on:November 19, 2018 at 5:12 am
  • Posted in:Botnets, Internet of Things, Malware
  • Author:
    Trend Micro
0

We spotted two variants of activities from hacking group Outlaw. The script used in the first version of its bot has two functionalities: the miner and Haiduc-based dropper. The second variant of the code, distributed by the bot, was mainly designed to brute force and further exploit the Microsoft Remote Desktop Protocol and cloud administration cPanel in order to escalate the privileges.

Read More
Tags: cPanelCryptocurrency miningMoneroperlRDP

Mirai Widens Distribution with New Trojan that Scans More Ports

  • Posted on:February 13, 2017 at 5:00 am
  • Posted in:Internet of Things, Malware
  • Author:
    Giannina Escueta (Technical Communications)
0

Late last year, in several high-profile and potent DDoS attacks, Linux-targeting Mirai (identified by Trend Micro as ELF_MIRAI family) revealed just how broken the Internet of Things ecosystem is. The malware is now making headlines again, thanks to a new Windows Trojan that drastically increases its distribution capabilities.

Read More
Tags: MiraiRDPTelnet

A Show of (Brute) Force: Crysis Ransomware Found Targeting Australian and New Zealand Businesses

  • Posted on:September 19, 2016 at 4:17 am
  • Posted in:Ransomware
  • Author:
    Jon Oliver (Senior Architect)
0

Crysis (detected by Trend Micro as RANSOM_CRYSIS.A), a ransomware family first detected in February this year, has been spotted targeting businesses in Australia in New Zealand through remote desktop protocol (RDP) brute force attacks.

Crysis has been reported in early June this year to have set its sights into carving a market share left by TeslaCrypt when the latter’s developers decided to shut down their operations, and rivaling Locky’s prevalence in the ransomware threat landscape.

Read More
Tags: brute force attacksCrysisRDPremote desktop protocol

A Peek Inside a PoS Scammer’s Toolbox

  • Posted on:November 19, 2014 at 5:00 am
  • Posted in:Malware
  • Author:
    Kyle Wilhoit (Senior Threat Researcher)
0

PoS malware has been receiving a tremendous amount of attention in the past two years with high profile incidents like Target, Home Depot, and Kmart. With the massive “Black Friday” shopping season coming up, PoS malware will surely get additional publicity. This high profile nature means, we constantly look for evolving PoS malware and look into their behavior…

Read More
Tags: C&C serverPOS malwareRDPtoolkitVNC

Security Predictions for 2019

  • Our security predictions for 2019 are based on our experts’ analysis of the progress of current and emerging technologies, user behavior, and market trends, and their impact on the threat landscape. We have categorized them according to the main areas that are likely to be affected, given the sprawling nature of the technological and sociopolitical changes under consideration.
    Read our security predictions for 2019.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Going In-depth with Emotet: Multilayer Operating Mechanisms
  • February Patch Tuesday: Batch Includes 77 Updates That Cover Flaws in Internet Explorer, Exchange Server, and DHCP Server
  • Various Google Play ‘Beauty Camera’ Apps Send Users Pornographic Content, Redirect Them to Phishing Websites and Collect Their Pictures
  • Linux Coin Miner Copied Scripts From KORKERDS, Removes All Other Malware and Miners
  • Trickbot Adds Remote Application Credential-Grabbing Capabilities to Its Repertoire

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.