Category: Anti-Malware

TrendLabs Security Intelligence Blog: OnionDog is not a Targeted Attack—It’s a Cyber Drill

by Feike Hacquebord, Stephen Hilt and Fernando Mercês

Alleged attacks from North Korean actors are a hot security research topic. The infamous Sony Pictures hack in 2014, for instance, was reported by some to be the work of North Korean...

/ August 9, 2017

TrendLabs Security Intelligence Blog: Backdoor-carrying Emails Set Sights on Russian-speaking Businesses

by Lenart Bermejo, Ronnie Giagone, Rubio Wu, and Fyodor Yarochkin

A malicious email campaign against Russian-speaking enterprises is employing a combination of exploits and Windows components to deliver a new backdoor that allows attackers to take over the affected system. The...

/ August 7, 2017

TrendLabs Security Intelligence Blog: Cerber Ransomware Evolves Again, Now Steals From Bitcoin Wallets

By Gilbert Sison and Janus Agcaoili

Cerber ransomware has acquired the reputation of being one of the most rapidly evolving ransomware families to date. Just in May, we pointed out how it had gone through six separate versions with various...

/ August 3, 2017

TrendLabs Security Intelligence Blog: A Look at JS_POWMET, a Completely Fileless Malware

by Michael Villanueva

As cybercriminals start to focus on pulling off attacks without leaving a trace, fileless malware, such as the recent SOREBRECT ransomware, will become a more common attack method. However, many of these malware are fileless only while...

/ August 2, 2017

TrendLabs Security Intelligence Blog: New WannaCry-Mimicking SLocker Abuses QQ Services

by Lorin Wu

Trend Micro researchers detected a new SLocker variant that mimics the GUI of the WannaCry crypto-ransomware on the Android platform. Detected as ANDROIDOS_SLOCKER.OPSCB, this new SLocker mobile ransomware variant features new routines that utilize features of the...

/ August 2, 2017

TrendLabs Security Intelligence Blog: How HTML Attachments and Phishing Are Used In BEC Attacks

Traditionally, BEC attacks have used keyloggers to steal saved account information from target machines. However, using an executable file for the attachment usually flags a user not to click them as there is a high chance that the file is malicious....

/ July 27, 2017

TrendLabs Security Intelligence Blog: Linux Users Urged to Update as a New Threat Exploits SambaCry

by Mohamad Mokbel, Tim Yeh, Brian Cayanan

A seven-year-old vulnerability in Samba—an open-source implementation of the SMB protocol used by Windows for file and printer sharing—was patched last May but continues to be exploited. According to a security advisory...

/ July 18, 2017

TrendLabs Security Intelligence Blog: Spam Campaign Delivers Cross-platform Remote Access Trojan Adwind

Cybercriminals are opportunists. As other operating systems (OS) are more widely used, they, too, would diversify their targets, tools, and techniques in order to cash in on more victims. That’s the value proposition of malware that can adapt and cross...

/ July 11, 2017

TrendLabs Security Intelligence Blog: SLocker Mobile Ransomware Starts Mimicking WannaCry

by Ford Qin

Early last month, a new variant of mobile ransomware SLocker (detected by Trend Micro as ANDROIDOS_SLOCKER.OPST) was detected, copying the GUI of the now-infamous WannaCry. The SLocker family is one of the oldest mobile lock screen and...

/ July 5, 2017

TrendLabs Security Intelligence Blog: Information Stealer Found Hitting Israeli Hospitals

The abuse of shortcut (LNK) files is steadily gaining traction among cybercriminals. We’ve seen a plethora of threats that leverage malicious LNK files: from well-known ransomware families, backdoors typically deployed in targeted attacks, and banking Trojans to spam emails, even...

/ June 29, 2017