PowerOffHijack – Android Malware Can Spy On You Even When Your Mobile Is Off

The people at TheHackerNews.com wrote an article on a new attack against Android devices that tricks users into believing they have powered off their device so attackers can spy on them. The original post can be found HERE.

Security researchers have unearthed a new Android Trojan that tricks victims into believing they have switched their device off while it continues “spying” on the users’ activities in the background. So, next time be very sure while you turn off your Android smartphones.


Bank Hackers Steal Millions via Malware


My buddy Aamir Lakhani at drchaos wrote an interesting post about criminals using RAT tools to steal boatloads of money from banks. The original post can be found HERE.

Another week, another hack. A group of cybercriminals used phishing attacks to install remote access toolkits (RATs) and steal over $300 million from banks and other financial institutions (source: http://www.nytimes.com/2015/02/15/world/bank-hackers-steal-millions-via-malware.html)

Using RATs is not new; it is a common method cybercriminals use. We had an in-depth look at njRAT and the Sweet Orange Exploit on this site. It is also not uncommon for attackers to use phishing and other social engineering attacks to trick users into installing sophisticated malicious tools.


njRAT Malware – remote control malware


My buddy Aamir Lakhani wrote a cool post on how to set up njRAT (remote access toolkit). The original post can be found at drchaos.com via HERE.

Warning: The ideas, concepts and opinions expressed in this blog are intended to be used for educational purposes only. The misuse of the information from this article can result in criminal charges brought against the persons in question. Refer to the laws in your province/country before accessing, using, or in any other way utilizing these materials.

One of the most popular malware tools being used today is a RAT (remote access toolkit) named njRAT.

Detecting Malware With ThreatGRID Overview


Cisco acquired ThreatGRID, the leader in identifying day-zero threats, around May of 2014. ThreatGRID’s statement, “The First Unified Malware Analysis and Threat Intelligence Solution,” sounds like a mouthful; however, it represents its purpose of going beyond what most “sandbox” technologies accomplish in this market space. What is also interesting is that this technology is being moved into other Cisco security offerings now that it is part of Cisco’s breach detection strategy.


Visual Investigations of Botnet Command and Control Behavior Infographic

Here is a really cool infographic developed by the Director of Research at Lancope. The original post can be found HERE.

In October, Tom Cross, Lancope’s Director of Research, presented a poster at Visualization for Cyber Security (VizSec) 2013 in Atlanta, GA. The poster included visualizations of the command-and-control channels of nearly two million botnet samples in an effort to help foster a better understanding of how botnets operate, and more effectively differentiate them from legitimate network traffic. The poster was created as a result of data analysis conducted by Lancope’s StealthWatch Labs research team.


What is Cryptolocker and how to protect yourself

My buddy Aamir wrote a great post on Cryptolocker. The original can be found HERE.

Cryptolocker is malware that is categorized as ransomware. According to Wikipedia, “Ransomware comprises a class of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator of the malware in order for the restriction to be removed” (Wikipedia).

Cryptolocker is dangerous because if you are infected with the malware, you are in danger of losing all your files that are local to your machine, including attached storage (USB drives) and connected network drives. The network drives or any other mass storage media that show up as a drive letter could be corrupted by the malware.


Cross-Platform Malware: A Growing Threat For Computers

The MobiStealth team created an infographic featuring a cross-platform malware known as Koobface. Check out the research and infographic below. The original can be found HERE.

Computer Malware & Koobface:
The mention of cross-platform malware may not cause too many heads to turn today, but in 2009, it was still a relatively unfamiliar threat. That is precisely why the notorious computer worm popularly known as Koobface managed to wreak so much havoc using social networking websites, email outlets and messenger services. Unlike other malware, it spared no OS, be it Windows, Mac, or even Linux. The computer worm proved to be a really hard nut for the security experts to crack, giving it plenty of time to expand its list of victims and snagging money off them. Take a look at our Koobface infographics to see what the greatest threat in malware history had been up to and what you can do to keep yourself off its list of victims.

Malwarebytes announces FBI Ransomware Now Targeting Apple’s Mac OS X Users

Interesting release from Malwarebytes regarding a new type of ransomware that targets Mac systems. This goes to show that Macs can be infected with malware and most likely will continue to be a focus for malicious attacks as Apple wins market share. Yes, Windows-based systems have more known malware in the wild; however, Macs are not necessarily more secure as many people believe. The original article can be found HERE. Credit due to Jerome Segura (@jeromesegura), senior security researcher at Malwarebytes, and the rest of his team.

For years, Windows users have been plagued by ransomware demanding several hundred dollars to unlock their computers.