One of the more interesting payloads to have been delivered during last week’s attack on visitors to the php.net Web site is a ransomware application that uses information from the victim’s own user profile to customize what is, in effect, a ransom note with some of the victim’s own information embedded in it, ostensibly from [...]
Victims of October’s malware infection campaigns (so far) can expect to receive a triple-cocktail of threats: a particularly cavalier ransomware called CryptoLocker; clickfraud on a massive scale; and (it goes almost without saying) the theft of passwords and other personal data. Since the beginning of last month (we first saw the malware on September 6th), [...]
A Trojan in the wild, masquerading as an update for a browser add-on named Adobe Photo Loader, is quietly using the victim’s infected computer to post spam messages to random categories in the online classified-ads service Craigslist. One of the payloads dropped by the initial Trojan, this postware malware bypasses Craigslist’s anti-spam controls through a [...]
A malware campaign, underway for about a week, is delivering a worm payload that’s engaging in behavior I haven’t seen before: It appears to propagate by using the command-line rar.exe tool to insert copies of itself inside of any RAR archive present on the infected system. If a user inserts a removable storage device, such [...]
Until recently, I had little reason to think about the South Pacific island of Palau, but the former US territory, home to roughly 20,000 permanent residents, rises to notorious prominence this month. Since the beginning of the month, Solera Networks have been tracking the use of domains registered with Palau’s country-code Top Level Domain, .pw, [...]