Items tagged with trojan
Researchers have sounded a warning bell at BlackBerry Cylance about a new trojan malware called PyXie RAT. The malware can perform all sorts of nefarious deeds, including keylogging, stealing login credentials, and recording videos. PyXie RAT can also distribute other attacks, including ransomware. The newly discovered PyXie RAT campaign is being run by a sophisticated cyber-criminal operation that is targeting healthcare and education organizations. The malware is custom-built and Python-based. When a machine is infected with the software, it can control most Windows systems and allows the hacker to monitor data and steal sensitive data. Other functions that the software can perform include...
Read more...
Malware is getting sneakier, as Kaspersky researchers just discovered “Titanium”, a trojan backdoor malware. This malware is very difficult to detect and includes various stages. Titanium is currently being used by the Advanced Persistent Threat (APT) actor “Platinum”. Platinum is considered one of the most “technologically advanced” APT actors in the Asia-Pacific region. Their current malware targets Malaysia, Indonesia, and Vietnam. It is unclear exactly how many devices have been affected. Titanium reportedly includes several steps and capabilities. It first releases an exploit that is able to execute code as a SYSTEM user. It then installs a shellcode that essentially downloads the necessary...
Read more...
Microsoft's Windows Defender was working hard this week, and according to Microsoft, just before noon on March 6 the AV suite put the brakes on 80,000 instances of several sophisticated trojans. These trojans were especially dastardly because they had advanced cross-process injection techniques, persistence mechanisms, and evasion methods. All the trojans are new versions of Dofoil (also known as Smoke Loader) and they carry a coin miner payload. Microsoft wrote, "Within the next 12 hours, more than 400,000 instances were recorded, 73% of which were in Russia. Turkey accounted for 18% and Ukraine 4% of the global encounters." Microsoft notes that Windows Defender AV flagged the "unusual persistence...
Read more...
It seems like we have had to report on some major new hack or threat every week as of late. Black-Hat Hackers are becoming more sophisticated, while their wares are becoming more diverse and complicated. One of the latest pieces of malware, the nasty Rex Linux Trojan, packs in DDoS attacks, ransomware, and a Bitcoin miner. Stu Gorton, CEO and Co-Founder of Forkbombus Labs, disclosed a new kind of ransomware that targeted Drupal websites this past May in an interview with Softpedia. It was not particularly effective and could easily be defeated. This particular ransomware has evolved in the last three months, however, and now is far more dangerous. The malware is developed in Go, Google’s...
Read more...
When people think about Internet security, they still think of the various bugs, flaws, and malware that pervade the online world as a Windows problem. Macs have long enjoyed special status thanks to limited market share, while smartphones aren't generally considered to be an attack vector, no matter which OS you prefer. That's clearly changing -- a new report from Palo Alto Networks illustrates how a new Trojan they call WireLurker doesn't just infect iOS devices -- it relies on Mac OS X vulnerabilities to do so. WireLurker contains a bevy of firsts and achievements. It's the largest malware to rely on repackaged OS X applications, the first to automate the generation of malicious iOS applications,...
Read more...
Avast, makers of the self-titled free antivirus software (along with paid Internet security suites), has discovered that the "Tinba Banker" Trojan is back in circulation, and this time it's targeting more than two dozen financial institutions in the United States. There are some big names among them, including Bank of America, HSBC, TD Bank, Chase, Wells Fargo, PNC, and more. This nasty piece of malware sneaks its way onto customer PCs through the Rig Exploit kit, which takes advantage of Flash or Silverlight exploits. Unfortunately for the victim, he or she can fall prey to the Trojan simply by visiting a banking site that's been infected with the Rig Exploit kit. Don't just walk, but run away...
Read more...
Bitcoin digital currency is somewhat controversial as many people are just completely confused by it, but that hasn’t stopped Bitcoin from being used around the world--nor has it protected the currency from cybercriminals. SecureMac detailed the discovery of a Trojan called OSX/CoinThief.A that specifically targets Apple computers running Mac OS X. “The malware, which comes disguised as an app to send and receive payments on Bitcoin Stealth Addresses, instead covertly monitors all web browsing traffic in order to steal login credentials for Bitcoin wallets,” reads the post. Image Source, above: Flickr (antanacoins); Inset, via Ross Burgess The malicious app that facilitates...
Read more...
The Hand of Thief Trojan made waves among security experts when RSA first announced the for-sale malware. But now that RSA has had a chance to run additional analysis, the security arm of EMC is toning down its alert. It seems that the Hand of Thief is basically a prototype. The only people getting swindled at the moment is the would-be evil genius who buys this broken malware. RSA doesn’t see the Hand of Thief Trojan as a major threat at the moment, but the developer plans improvements. Image credit: RSA As it stands, the Hand of Thief Trojan isn’t stable. According to RSA, the software has trouble stealing the data it’s meant to steal, and it can crash your Web browser –...
Read more...
Linux users have long been able to claim that their platform of choice is about as safe as an OS can get, but that sentiment is getting a little harder to side with thanks to the recent discovery of the 'Hand of Thief' trojan - it's a bad one, so listen up. Hand of Thief's goal is to lead you to financial ruin by stealing sensitive information that you input into forms on supported Web browsers (Firefox and Chrome lead the pack here), such as those that you will use on banking websites. Hand of Thief's developers aren't going to be the ones milking your bank account dry, however. Instead, they're going to be selling licenses of the trojan to those who will. Current pricing is $2,000 with free...
Read more...
As the world shifts to mobile, hackers are adapting their strategies. According to Kaspersky Labs, the security firm just discovered a successful campaign by unknown hackers to target malware at a group of Android phone users. The target: Tibetan activists. The Conference app is malware. Image credit: Forbes The key to getting the attack off the ground was gaining access to the email of a well-known activist and then using that account to send malware-loaded emails to other activists. Once the attachment was opened on an Android phone, the Trojan would gather contacts and other data and send it to a server in Los Angeles. According to Forbes, the attachment was called “WUC’s...
Read more...
Time and time again, we're reminded that Windows isn't the only operating system that malware writers target. It's the most popular platform for malware, sure, but it's not the only one. If you're a Mac user, don't let your guard down, and be especially leery of browsers plug-ins you run into, especially those that claim they're required to view a video. Install the wrong one and you'll end up infected with an adware Trojan. Security researchers at Doctor Web recently discovered Trojan.Yontoo.1, which masquerades as a critical browser plug-in on malicious movie trailer pages. Users are prompted to install the plug-in to view the trailer, at which point they're redirected to another site where...
Read more...
On Friday, security firm Symantec discovered a Trojan called Backdoor.Makadocs, which in typical backdoor Trojan fashion accesses a compromised system and attempts to swipe data from it. The interesting bit is that it uses Google Docs as a proxy server to get around firewalls and connect to a C&C server, instead of attempting to connect directly. Using social engineering tactics to engage a user’s interest in the file, the Trojan arrives as a Rich Text Format (RTF) or Microsoft Word document; when a user opens it, the payload is delivered. Essentially all versions of Windows are affected, from Windows 95 to Windows 7 (and Windows Server 2003 and 2008), and now Symantec says that the...
Read more...
There seems to be a recurring phenomenon in the technology press, where any trojan that affects Linux or Macs becomes front page news. On the other hand, trojans that affect Windows are mostly ignored, perhaps because this is considered to be the normal state of affairs. There are two common statements made in the discussions of these rare events: 1, No operating system will ever be secure from Trojans and 2, Linux/Mac only have fewer viruses because no one uses them. The first statement is almost correct, whereas the second one is a flat out myth in my opinion. Let me explain, and I’ll listen if you still disagree after reading the following in its entirety. ...
Read more...
There seems to be a recurring phenomenon in the technology press, where any trojan that affects Linux or Macs becomes front page news. On the other hand, trojans that affect Windows are mostly ignored, perhaps because this is considered to be the normal state of affairs. There are two common statements made in the discussions of these rare events: No operating system will ever be secure from Trojans. Linux/Mac only have fewer viruses because no one uses them. The first statement is almost correct, whereas the second one is a flat out myth in my opinion. Let me explain, and I’ll listen if you still disagree after reading the following in its entirety. 1. ...
Read more...
