Magniber ransomware: exclusively for South Koreans

A few days ago, Magnitude EK resurfaced, this time with a new payload that targets only the country of South Korea. It’s called Magniber ransomware.

Read more

Labs report: summer ushers in unprecedented season of breaches

In this edition of the Malwarebytes Cybercrime Tactics and Techniques report, we saw a number of high profile breaches targeting the personal information of hundreds of millions of people. We also observed shifts in malware distribution, the revival of some old families, and found cases of international tech support scams.

Read more

Week in Security (August 7 – August 13)

A compilation of security news and blog posts from Monday the 7th of August to August 14th. We looked at security certificates and the new bloated Cerber ransomware.

Read more

Cerber ransomware delivered in format of a different order of Magnitude

We review a trick that the Magnitude exploit kit uses to bypass security scanners.

Read more

Enemy at the gates: Reviewing the Magnitude exploit kit redirection chain

This post shines some light on a ‘gate’ belonging to the geo-targeted Magnitude exploit kit.

Read more

Report: Second quarter dominated by ransomware outbreaks

The second quarter of 2017 left the security world wondering, “What the hell happened?” With leaks of government-created exploits being deployed against users in the wild, a continued sea of ransomware constantly threatening our ability to work online, and the lines between malware and potentially unwanted programs continuing to blur, every new incident was a wakeup call.In this report, we are going to discuss some of the most important trends, tactics, and attacks of Q2 2017, including an update on ransomware, what is going on with all these exploits, and a special look at all the breaches that happened this quarter.

Read more

Locky ransomware is back, but we already protect against it

For a while, it appeared that Locky ransomware had completely disappeared and allowed for Cerber to take the number one spot as the most distributed piece of ransomware. But after a long absence, Locky returns in full swing.

Read more

Report: Cybercrime climate shifts dramatically in first quarter

The first quarter of 2017 brought with it some significant changes to the threat landscape and we aren’t talking about heavy ransomware distribution either. Threats which were previously believed to be serious contenders this year have nearly vanished entirely, while new threats and infection techniques have forced the security community to reconsider collection and analysis efforts.

Read more

Malwarebytes Labs Presents: The Cybercrime Tactics and Techniques Report

In our first wrap-up of the threat landscape, we are going to cover the trends observed during the last few months of 2016, provide an analyst’s view of the threats, and offer some predictions for the beginning of 2017. Moving forward, every quarter we will bring you a view of the threat landscape through the eyes of Malwarebytes researchers and analysts.

Read more

PrincessLocker – ransomware with not so royal encryption

PrincessLocker ransomware has appeared some time ago and has drawn out attention by using the same template of the site for a victim as Cerber did. In this article, we dig deeper and try to answer questions about its internal similarities with Cerber (and other known ransomware).

Read more

Select your language