Not-so-dear subscribers

Many people have had a run-in with subscriptions to mobile content providers. They appear out of the blue, and get discovered only when account funds run dry. We recently discovered several apps in Play Market directly related to such intrusive services. Read Full Article

Threats to users of adult websites in 2018

We examined malware disguised as pornographic content, and malware that hunts for credentials to access pornography websites. We looked at the threats that are attacking users across the internet in order to find out which popular websites might be dangerous to visit. Additionally, we checked our phishing and spam database to see if there is a lot of pornographic content on file and how is it used in the wild. Read Full Article

USB threats from malware to miners

In 2016, researchers from the University of Illinois left 297 unlabelled USB flash drives around the university campus to see what would happen. 98% of the dropped drives were picked up by staff and students, and at least half were plugged into a computer in order to view the content. For a hacker trying to infect a computer network, those are pretty irresistible odds. Read Full Article

Using legitimate tools to hide malicious code

The authors of malware use various techniques to circumvent defensive mechanisms and conceal harmful activity. One of them is the practice of hiding malicious code in the context of a trusted process. Typically, malware that uses concealment techniques injects its code into a system process, e.g. explorer.exe. But some samples employ other interesting methods. We’re going to discuss one such type of malware. Read Full Article

Operation Ghoul: targeted attacks on industrial and engineering organizations

We recently identified a cybercriminal operation targeting a large number of organizations, with focus on few countries more than others. Attackers are utilizing simple tools with proficient social engineering, highly successful with Industrial and engineering SMBs. Attacks are ongoing, slowly crippling businesses, spreading harm and ruin wherever they land, like a Ghoul. Read Full Article

The evolution of Brazilian Malware

Cybercrime in Brazil has changed drastically in the last few years, as it shifted from simple keyloggers to tailored remote administration tools that can run a complete attack by using the victim machine. As we know, they are in touch with cybercriminals from Eastern Europe, mainly Russians. Read Full Article

Spam and phishing in Q3 2015

In Q3 of 2015, the percentage of spam in email traffic accounted for 54.2%. The holiday season saw an increase in tourism-related malicious spam. Cybercriminals sent out fake notifications from well-known booking services, airlines and hotels, as well as emails from individuals. They typically included attached archives with different Trojan downloaders. Read Full Article