Malware Alert

  • Following the Trail of BlackTech’s Cyber Espionage Campaigns
    BlackTech is a cyber espionage group operating against targets in East Asia, particularly Taiwan, and occasionally, Japan and Hong Kong. Based on the mutexes and domain names of some of their C&C servers, BlackTech’s campaigns are likely designed to steal their target’s technology. Following their activities and evolving tactics and techniques helped us […]
  • AdGholas Malvertising Campaign Employs Astrum Exploit Kit
    At the end of April this year, we found Astrum exploit kit employing Diffie-Hellman key exchange to prevent monitoring tools and researchers from replaying their traffic. As AdGholas started to push the exploit, we saw another evolution: Astrum using HTTPS to further obscure their malicious traffic. We spotted a new AdGholas malvertising campaign using the.. […]
  • Erebus Resurfaces as Linux Ransomware
    On June 10, South Korean web hosting company NAYANA was hit by Erebus ransomware (detected by Trend Micro as RANSOM_ELFEREBUS.A), infecting 153 Linux servers and over 3,400 business websites the company hosts. In a notice posted on NAYANA’s website last June 12, the company shared that the attackers demanded an unprecedented ransom of 550 Bitcoins (BTC), or […]
  • Analyzing the Fileless, Code-injecting SOREBRECT Ransomware
    Fileless threats and ransomware aren’t new, but a malware that incorporates a combination of their characteristics can be dangerous. Take for instance the fileless, code-injecting ransomware we’ve uncovered—SOREBRECT, which Trend Micro detects as RANSOM_SOREBRECT.A and RANSOM_SOREBRECT.B. Post from: Trendlabs Security Intelligence Blog - by Trend Micro Analy […]
  • Microsoft Patches Windows XP Again As Part of June Patch Tuesday
    Last month, in reaction to the WannaCry outbreak that affected Windows users all over the world, Microsoft released a patch for Windows XP—an operating system it had stopped supporting in 2014. […]