It was the middle of last year that we detected the start of mass attacks by the xHelper Trojan on Android smartphones, but even now the malware remains as active as ever. Read Full Article
MonitorMinor: vicious stalkerware?
The other day, our Android traps ensnared an interesting specimen of software that can be used for stalking. On closer inspection, we found that this app outstrips all existing software of its class in terms of functionality. Read Full Article
Shlayer Trojan attacks one in ten macOS users
For close to two years now, the Shlayer Trojan has been the most common threat on the macOS platform: in 2019, one in ten of our Mac security solutions encountered this malware at least once. Read Full Article
Windows 0-day exploit CVE-2019-1458 used in Operation WizardOpium
During our investigation, we discovered that yet another 0-day exploit (CVE-2019-1458) was used in Operation WizardOpium attacks. Read Full Article
Unwanted notifications in browser
When, back in 2015, push notifications were just appearing in browsers, very few people wondered how this tool would be used in the future. Read Full Article
The cybercrime ecosystem: attacking blogs
It is very common to see cybercriminals exploit vulnerabilities in blogging software such as WordPress and Joomla! for injecting their malicious code. In my research, I decided to investigate this further and see what the current threat landscape looks like by researching the most visited blogs in Sweden. Read Full Article
Steam-powered scammers
One of the most popular platforms among users (and hence cybercriminals) is Steam, and we’ve been observing money-making schemes to defraud its users for quite some time. Since June, however, such attacks have become more frequent and, compared to previous attempts, far more sophisticated. Read Full Article
Assessing the impact of protection from web miners
Cryptocurrency mining is an energy-intensive business. According to some estimates, Bitcoin miners consume the same amount of energy as the Czech Republic. Read Full Article
Agent 1433: remote attack on Microsoft SQL Server
One of the most common attack on Microsoft SQL Server — the remote attack based on malicious jobs — has been around for a long time, but it is still used to get access to workstations through less-than-strong administrator password. Read Full Article
How to steal a million (of your data)
This cybercriminal’s thirst for stolen data is confirmed by the statistics: in the first half of 2019, more than 940,000 users were attacked by malware designed to harvest a variety of data on the computers. The threat’s called “Stealer Trojans” or Password Stealing Ware (PSW), a type of malware designed to steal passwords, files, and other data from victim computers. Read Full Article