
Recent Spam Runs in Germany Show How Threats Intend to Stay in the Game

  • Posted on: December 29, 2016 at 11:20 pm
  • Posted in: Malware, Ransomware, Spam
  • Author: Trend Micro

In early December, GoldenEye ransomware (detected by Trend Micro as RANSOM_GOLDENEYE.A) was observed targeting German-speaking users—particularly those in human resources departments. GoldenEye, a relabeled version of the Petya (RANSOM_PETYA) and Mischa (RANSOM_MISCHA) ransomware combo, kept not only the James Bond theme of its earlier iteration but also its attack vector.

With ransomware likely to reach a plateau, persistence in the threat landscape and diversification of target victims are the name of the game. GoldenEye exemplifies bad guys trying to gain scale, leverage, and profit with rehashed malware.

Tags: CERBER, DRIDEX, EMOTET, GoldenEye, Mischa, petya, Sharik, ZBOT

Notorious Malware Improvements and Enhancements of 2014

  • Posted on: February 23, 2015 at 4:25 am
  • Posted in: Malware
  • Author: Trend Micro

2014 was marked by numerous changes in the threat landscape. We saw a lot of improvements in existing malware, either with new evasion techniques or new versions. We even saw some old techniques and attacks resurface in the landscape.

Evasion Tactics

We are seeing more malware incorporate Tor in their routines as…

Tags: 2014, 64-bit malware, crypto-ransomware, iOS, Mac OS, macro, Malware, malware enhancements, Masque, Tor, Wirelurker, ZBOT

Decrypting ZBOT Configuration Files Automatically

  • Posted on: November 12, 2014 at 10:32 pm
  • Posted in: Malware
  • Author: Lord Alfred Remorin (Senior Threat Researcher)

Since its emergence in 2007, ZBOT (also known as ZeuS) has become one of the most prevalent botnets and most widely distributed banking Trojans. This malware family is widely known as a notorious credential-stealing toolkit. It uses form-grabbing through web injection to steal user credentials from legitimate websites. It also has the capability to send…

Tags: AVAR, banking Trojan, Malware, online banking, ZBOT, ZeuS

Checking In On Africa: The Latest Developments in Cybercrime

  • Posted on: August 11, 2014 at 8:07 am
  • Posted in: Bad Sites
  • Author: Trend Micro

In the early 2000s, Africa gained notoriety due to the 419 “Nigerian” scam. This scam involved making payments in exchange for a reward for helping so-called high-ranking Nigerian officials and their families. While all the scams may not have necessarily originated from Africa, the use of Nigerian officials was imprinted upon the public consciousness, thereby…

Tags: 419 “Nigerian” scam, Africa, banking Trojan, Blackshades, botnet, CVE-2012-0158, cybercrime, defacement, denial-of-service (DoS) attacks, distributed denial-of-service (DDoS) attacks, Ice IX, RATs, remote access Trojans, SpyEye, Targeted Attack Techniques, ZBOT, ZeuS

1H 2014 Spam Attacks and Trends

  • Posted on: July 24, 2014 at 8:40 am
  • Posted in: Malware, Spam
  • Author: Maria Manly (Anti-spam Research Engineer)

In the first half of the year, spam volume increased by 60% compared to 1H 2013. We can attribute this to several factors: the prevalence of DOWNAD and the steady boom of malware-related emails with spam-sending capabilities (such as MYTOB). Prevalent threats like UPATRE and ZeuS/ZBOT also employed spam as its…

Tags: Conficker, cybercrime, DOWNAD, Germany, Malware, Spam, ZBOT, ZeuS