Securelist Archive / Analysis

Category: Research

Redirect auction

July 8, 2020, 12:00 pm.

We’ve already looked at links under old YouTube videos or in Wikipedia articles which at some point turned bad and began pointing to partner program pages, phishing sites, or even malware. It was as if the attackers were purposely buying up domains, but such a scenario always seemed to us too complicated. Read Full Article

Research

Pig in a poke: smartphone adware

July 6, 2020, 10:00 am.

Igor Golovin, Anton Kivva

Our support team continues to receive more and more requests from users complaining about intrusive ads on their smartphones from unknown sources. Read Full Article

Research

Web skimming with Google Analytics

June 22, 2020, 10:00 am.

Victoria Vlasova

Recently, we identified several cases where Google Analytics was misused: attackers injected malicious code into sites, which collected all the data entered by users, and then sent it via Analytics. Read Full Article

Research

Aggressive in-app advertising in Android

May 25, 2020, 10:00 am.

Igor Golovin, Anton Kivva

We will look into a few examples of suspicious-looking ad modules that we discovered in popular apps earlier this year. Read Full Article

Research

Cyberthreats on lockdown

May 14, 2020, 12:00 pm.

AMR

The pandemic has affected us all in some way, so it would be surprising if cybercriminals were an exception. Spammers and phishers were naturally the trailblazers in this but the entire cybercrime landscape has changed in the last few months. Read Full Article

Research

Remote spring: the rise of RDP bruteforce attacks

April 29, 2020, 10:00 am.

Dmitry Galov

With the spread of COVID-19, organizations worldwide have introduced remote working, which is having a direct impact on cybersecurity and the threat landscape. Read Full Article

Research

Unkillable xHelper and a Trojan matryoshka

April 7, 2020, 9:00 am.

Igor Golovin

It was the middle of last year that we detected the start of mass attacks by the xHelper Trojan on Android smartphones, but even now the malware remains as active as ever. Read Full Article

Research

MonitorMinor: vicious stalkerware?

March 16, 2020, 10:00 am.

Victor Chebyshev

The other day, our Android traps ensnared an interesting specimen of software that can be used for stalking. On closer inspection, we found that this app outstrips all existing software of its class in terms of functionality. Read Full Article

Research

Shlayer Trojan attacks one in ten macOS users

January 23, 2020, 10:00 am.

Anton V. Ivanov, Mikhail Kuzin, Ilya Mogilin

For close to two years now, the Shlayer Trojan has been the most common threat on the macOS platform: in 2019, one in ten of our Mac security solutions encountered this malware at least once. Read Full Article

Research

Windows 0-day exploit CVE-2019-1458 used in Operation WizardOpium

December 10, 2019, 8:00 pm.

AMR, GReAT

During our investigation, we discovered that yet another 0-day exploit (CVE-2019-1458) was used in Operation WizardOpium attacks. Read Full Article

Securelist Archive / Analysis

Category: Research

Redirect auction

Pig in a poke: smartphone adware

Web skimming with Google Analytics

Aggressive in-app advertising in Android

Cyberthreats on lockdown

Remote spring: the rise of RDP bruteforce attacks

Unkillable xHelper and a Trojan matryoshka

MonitorMinor: vicious stalkerware?

Shlayer Trojan attacks one in ten macOS users

Windows 0-day exploit CVE-2019-1458 used in Operation WizardOpium

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001