Anti-Malware

We identified a MacOS backdoor (detected by Trend Micro as OSX_OCEANLOTUS.D) that we believe is the latest version of a threat used by OceanLotus (a.k.a. APT 32, APT-C-00, SeaLotus, and Cobalt Kitty). OceanLotus was responsible for launching targeted attacks against human rights organizations, media organizations, research institutes, and maritime construction firms. The attackers

2018-04-04T23:03:33+00:00 April 4th, 2018 | Categories: Anti-Malware

by Chaoying Liu and Joseph C. Chen

On March 25, we saw that the number of cryptocurrency web miners detected by the Trend Micro Smart Protection Network suddenly spiked. Our team tracked the web miner traffic and found that the bulk of it was linked to MSN[.]com in Japan. Further analysis revealed that

2018-04-04T22:48:25+00:00 April 4th, 2018 | Categories: Anti-Malware

by Tamada Kiyotaka and MingYen Hsieh

Trend Micro discovered the ChessMaster campaign back in July 2017 as part of our monitoring efforts to protect our customers. At the time, we found ChessMaster targeting different sectors from the academe to media and government agencies in Japan. The threat group used a variety of attack tools

2018-03-30T01:25:26+00:00 March 29th, 2018 | Categories: Anti-Malware

We uncovered a new Android malware that can surreptitiously use the infected device’s computing power to mine Monero. Trend Micro detects this as ANDROIDOS_HIDDENMINER. This Monero-mining Android app’s self-protection and persistence mechanisms include hiding itself from the unwitting user and abusing the Device Administrator feature (a technique typically seen in SLocker Android ransomware).

2018-03-29T01:05:51+00:00 March 28th, 2018 | Categories: Anti-Malware

By Dr. Marco Balduzzi, Senior Researcher, Forward-Looking Threat Research Team

As a large cyber security vendor, Trend Micro deals with millions of threat data per day. Our Smart Protection Network (SPN), among other technologies, helps us conduct research and investigate new threats and cybercrimes to improve our ability to protect our customers. In this

2018-03-28T00:55:16+00:00 March 27th, 2018 | Categories: Anti-Malware

By Jon Oliver and Menard Oseña

As new trends and developments in the malicious mining of cryptocurrency emerge, a smart and sustainable way of detecting these types of threats is swiftly becoming a cybersecurity necessity. By using Trend Micro Locality Sensitive Hashing (TLSH), a machine learning hash that is capable of identifying similar

2018-03-27T00:31:14+00:00 March 26th, 2018 | Categories: Anti-Malware

Legitimate and large-scale cryptocurrency mining operations often invest in dedicated hardware and electric consumption to make a profit. This doesn’t escape the attention of cybercriminals: Malicious cryptocurrency mining was so pervasive last year that it was the most detected network event in devices connected to home routers. Through our incident response-related monitoring, we

2018-03-21T23:09:12+00:00 March 21st, 2018 | Categories: Anti-Malware

by Jaromir Horejsi, Joey Chen, and Joseph C. Chen

Tropic Trooper (also known as KeyBoy) levels its campaigns against Taiwanese, Philippine, and Hong Kong targets, focusing on their government, healthcare, transportation, and high-tech industries. Its operators are believed to be very organized and develop their own cyberespionage tools that they fine-tuned in their

2018-03-14T22:29:58+00:00 March 14th, 2018 | Categories: Anti-Malware

Microsoft’s Patch Tuesday for March is an eventful one, with updates that comprise fixes for 75 security issues and a change of tack in its patch deployment process for Windows 10. Of the vulnerabilities Microsoft patched for this month, 14 were rated as Critical and 61 Important. Six of these were disclosed through

2018-03-14T22:15:08+00:00 March 14th, 2018 | Categories: Anti-Malware

by David Fiser and William Gamazo Sanchez

Exploits for the notorious Meltdown and Spectre vulnerabilities may still just be working proofs of concept (PoC) or reportedly experimented on for now, but it’s only a matter of time before threat actors fully weaponize them. Meltdown and Spectre are pervasive, affecting machines built as early

2018-03-13T22:02:30+00:00 March 13th, 2018 | Categories: Anti-Malware