Sinkholing the Backoff POS Trojan
There is currently a lot of buzz about the Backoff point-of-sale Trojan, which is designed to steal credit card information from computers that have POS terminals attached. Trustwave SpiderLab, which originally discovered this malware, posted a very thorough analysis in July. The U.S. Secret Service, in partnership with DHS, followed up with an advisory. Although […]

New PoS Malware “Backoff” Targets US
Last week, the US Computer Emergency Readiness Team (US-CERT) reported on a newly discovered malware, dubbed “Backoff”, which targets point-of-sale (PoS) systems. Like other PoS malware such as Dexter and Scraper, Backoff is used to steal financial information for malicious purposes. Based on our analysis, when Backoff is executed, it copies itself into %Application Data%\OracleJava\javaw.exe and launches the copy […]

Inside of the WASP’s nest: deep dive into PyPI-hosted malware
In late 2022 we decided to start monitoring PyPI, arguably the most important Python repository, as there had been a number of reports of it hosting malware. PyPI took on exceptional relevance among all repositories because, historically, it was trusted by default by many software developers. Any security breach or abuse […]

APT43: An investigation into the North Korean group’s cybercrime operations
Introduction
As recently reported by our colleagues at Mandiant, APT43 is a threat actor believed to be associated with North Korea. APT43’s main targets include governmental institutions, research groups, think tanks, business services, and the manufacturing sector, with most victims located in the United States and South Korea. The group uses a variety of techniques and […]

Lessons learned from 2022
One of our goals is to share with the security community as much as we learn from VirusTotal’s data, to help stop, monitor and mitigate malicious activity. Looking back at 2022 we observe several interesting trends; we decided to go deeper into the three most interesting ones: the evolution of distribution vectors, trending malware artifacts and […]

More information
- Falling in love online? Don’t get caught out by the Tinder scammers
- ‘RedEye’ Ransomware Destroys Files, Rewrites MBR
- PASSTEAL Sneaks into Users Systems via File Sharing Sites
- Microsoft Intensifies Fight Against Terrorism
- iOS default hotspot passwords cracked in 50 seconds
- Microsoft VBScript and JScript CVE-2015-6052 ASLR Security Bypass Vulnerability
- Magnet Goblin Delivers Linux Malware Using One-Day Vulnerabilities
- Teslas Can Be Stolen by Hijacking WiFi at Charging Stations, Researchers Find
- Telephonic irony – "Hello, this is the Do Not Call Register calling"
- Now it’s easy to see if leaked passwords work on other sites