Malicious Code

Exclusive: FBI warns of 'destructive' malware in wake of Sony attack. Malware trends and cyber security considerations for 2015. Last year was a banner one for breaches, cyber attacks and advanced malware.

Malware trends and cyber security considerations for 2015

Hackers Breaking New Ground With Ransomware. The tools and tactics being used to go after victims reveal growing sophistication, and gamers need to look out, security researchers say.

Hackers Breaking New Ground With Ransomware

The enormous success which hackers have had extracting millions of dollars from individuals and businesses using ransomware appears to be driving more sophisticated tools and tactics from them. This week researchers sounded the alert on two recent ransomware families that break ground in different ways. One of them, dubbed Virlock, is noteworthy because it not only locks the screen of compromised systems like other ransomware, but also infects files on the device. First noticed by security firm ESET in December, Virlock is also polymorphic, meaning the code changes every time it runs, making it hard to detect using standard malware detection tools.

What are malware, viruses, spyware, and cookies, and what differentiates them?

"Malware" is short for malicious software and is used as a single term to refer to viruses, spyware, worms, etc. Malware is designed to cause damage to a standalone computer or a networked PC. So wherever the term malware is used, it means a program designed to damage your computer; it may be a virus, worm or Trojan. Worms: Worms are malicious programs that make copies of themselves again and again on the local drive, network shares, etc.

The only purpose of the worm is to reproduce itself again and again. Examples of worms are W32.SillyFDC.BBY, Packed.Generic.236 and W32.Troresba. Due to its replicating nature, a worm takes up a lot of space on the hard drive and consumes more CPU, which in turn makes the PC slow; it also consumes more network bandwidth. Virus: A virus is a program written to enter your computer and damage or alter your files or data. Malware targets gamers, holds high scores hostage. A new type of malware is playing with gamers.

Malware targets gamers, holds high scores hostage

The ransomware, described by a researcher at cybersecurity company Bromium, affects at least two dozen popular games, locking players out until they pay to open up their saved games, add-ons and scores. Ransomware has been a rising trend among cyberattackers over the last couple of years. The name comes from the fact that the malware infects your computer and then takes over, requiring payment to let you back into your files. Earlier this year, readers of the Huffington Post and other sites were victims of ransomware that made its way onto their machines via infected advertisements. Self-deleting malware targets home routers to gather information.

March 11, 2015 Attackers could be using VICEPASS for reconnaissance, or for future cross-site request forgery attacks.

Self-deleting malware targets home routers to gather information

Researchers with Trend Micro have analyzed malware that first connects to home routers and scans for connected devices, and then sends the information it gathers to a command-and-control (C&C) server before deleting itself without a trace. The malware was detected by Trend Micro as TROJ_VICEPASS.A, or VICEPASS, and it has been observed infecting users that navigate to malicious websites hosting a purported Adobe Flash update, according to a Monday post by Kenney Lu, of Trend Micro. Once downloaded and executed, the malware uses a predefined list of usernames and passwords to attempt to connect to the home router, Lu wrote. Some of the usernames include admin, D-Link, guest, root and user, and some of the passwords include 12345678, admin, password and qwerty. Equation: The Death Star of Malware Galaxy. "Houston, we have a problem" One sunny day in 2009, Grzegorz Brzęczyszczykiewicz embarked on a flight to the burgeoning city of Houston to attend a prestigious international scientific conference.

Equation: The Death Star of Malware Galaxy

As a leading scientist in his field, such trips were common for Grzegorz. Over the next couple of days, Mr Brzęczyszczykiewicz exchanged business cards with other researchers and talked about the kind of important issues such high level scientists would discuss (which is another way of saying "who knows?"). Cisco_2014_ASR. How the NSA's Firmware Hacking Works and Why It's So Unsettling.

One of the most shocking parts of the recently discovered spying network Equation Group is its mysterious module designed to reprogram or reflash a computer hard drive’s firmware with malicious code.

How the NSA's Firmware Hacking Works and Why It's So Unsettling

The Kaspersky researchers who uncovered this said its ability to subvert hard drive firmware—the guts of any computer—“surpasses anything else” they had ever seen. The hacking tool, believed to be a product of the NSA, is significant because subverting the firmware gives the attackers God-like control of the system in a way that is stealthy and persistent even through software updates. The module, named “nls_933w.dll”, is the first of its kind found in the wild and is used with both the EquationDrug and GrayFish spy platforms Kaspersky uncovered. It also has another capability: to create invisible storage space on the hard drive to hide data stolen from the system so the attackers can retrieve it later. Here’s what we know about the firmware-flashing module.

Dealing with CryptoLocker ransomware. If you see this CryptoLocker image on your computer screen, disconnect your computer from the internet immediately by removing your network cable or turning off the wireless connection.

Dealing with CryptoLocker ransomware

Also disconnect USB storage devices or network shares and turn off any cloud backup services you may use such as Dropbox or Office 365. Significant numbers of New Zealanders have been dealing with ransomware during 2013. Ransomware is a form of malicious software or ‘malware’ which demands payment to unlock your computer and can often prove difficult to clean up or remove from both PCs and Macs. CryptoLocker ransomware is the latest variant that now encrypts the files on your computer using a powerful algorithm that cannot be defeated without paying the sum asked for by the cyber criminals.