April 4, 2018 - A lesser-known variant called LockCrypt ransomware has been creeping around under the radar since June 2017. We take a look inside its code and expose its flaws.
March 28, 2018 - QuantLoader is a Trojan downloader that has been used in campaigns serving a range of malware, including ransomware, Banking Trojans, and RATs. In this post, we'll take a high-level look at the campaign flow, as well as a deep dive into how the malware executes.
March 27, 2018 - In this part of the encryption 101 series, we will begin wrapping it up by going into detail on a ransomware with weak encryption and walking through step-by-step the thought process of creating a decryptor for it.
March 13, 2018 - Evading detection when distributing payloads is a key part of an effective malware campaign. Hancitor shows that it has yet another trick up its sleeve for that.
March 6, 2018 - Continuing on in our Encryption 101 series, we now look at what it takes to break encryption. In order for something as powerful as encryption to break, there needs to be some kind of weakness to exploit. That weakness is often a result of an error in implementation.
March 1, 2018 - A recent Chinese drive-by attack dropped Virut, an ancient virus that's been out of commission since 2013. So what was it doing in this modern attack?
February 23, 2018 - The Avzhan DDoS bot is back in the wild again, this time being dropped by a Chinese drive-by attack. In this post, we'll take a deep dive into its functionality and compare the sample we captured with the one described in the past.
February 12, 2018 - Android users have been exposed to drive-by cryptomining in one of the largest campaigns that we have detected so far.
January 31, 2018 - We've found that a variant of the Scarab ransomware, called Scarabey, is distributed via a different technique, with a different payload code, and a new target: Russia.
January 18, 2018 - Two new extensions in Firefox and Chrome force install then hide from the user. Learn how you can protect yourself against them and remove them manually.