A deep dive into Saint Bot, a new downloader
April 6, 2021 - This post was authored by Hasherezade with contributions from Hossein Jazi and Erika Noerenberg. In late March 2021, Malwarebytes analysts discovered...
Threat spotlight: WastedLocker, customized ransomware
July 10, 2020 - WastedLocker is a new ransomware operated by a malware exploitation gang commonly known as the Evil Corp gang. The same gang...
Hidden Bee: Let’s go down the rabbit hole
May 31, 2019 - Some time ago, we discussed the interesting malware, Hidden Bee. It is a Chinese miner, composed of userland components, as well...
Mac cryptocurrency ticker app installs backdoors
October 29, 2018 - An astute contributor to our forums going by the handle 1vladimir noticed that an app named CoinTicker was exhibiting some fishy...
Hermes ransomware distributed to South Koreans via recent Flash zero-day
March 14, 2018 - This blog post was authored by @hasherezade, Jérôme Segura and Vasilios Hioureas. At the end of January, the South Korean Emergency...
Blast from the past: stowaway Virut delivered with Chinese DDoS bot
March 1, 2018 - Recently, we described an unusual Chinese drive-by attack that was delivering a variant of the Avzhan DDoS bot. The attack also contained multiple...
Adware the series, the final: Tools section
July 19, 2017 - So far in this series, we have handed you some methods to recognize and remediate adware. We used this diagram as...
Post-holiday spam campaign delivers Neutrino Bot
January 11, 2017 - This post was co-authored by @hasherezade and Jérôme Segura. During the Christmas season and early into the new year, we noticed a sharp decrease...
Hosts file hijacks
September 21, 2016 - In an earlier blog post about DNS hijacks, we briefly touched on the hosts file. The hosts file is like your...
Browser-based fingerprinting: implications and mitigations
August 29, 2016 - Update (04/12/2017): The INRIA has a tool to fingerprint browser extensions and detect other browser leaks. Update (03/17/2017): Microsoft patched CVE-2017-0022, reported...