PUP Friday: Nikoff Security
My attention was drawn a few weeks ago to a group of 6 apps in the Mac App Store, all made by someone named Nicholas Ebner. I downloaded the apps and ran them through their paces, and quickly my suspicions were confirmed.
A week in security (Sep 11 – Sep 17)
A compilation of notable security news and blog posts from September 11th to September 17th. This week, we talked about DetoxCrypto ransomware, a tax fraud campaign, malvertisement on adult sites, and phishers having a bad day.
PSA: DetoxCrypto Ransomware imitating Malwarebytes
Scammers will always try and imitate legitimate tools and services in an effort to trick people into harming their accounts and devices. If it isn’t fake logins, it’s dubious links on social media. If we’re wading knee deep in 419 emails, you can bet another round of tech support scams will be along in a minute. Today we look at an attempt at pushing DetoxCrypto Ransomware which suggests its from Malwarebytes…
Surfacing HTA infections
We show two examples of HTA induced infections we have seen recently. Nothing fancy, but feel free to consider it a general warning, that malware authors are expanding the number of file extensions they are using, to spread their payload.
Neutrino EK’s Afraidgate pushed in malvertising attack
With a rise in malvertising attacks lately, we take a look at an ad server pushing the Afraidgate, traditionally found on compromised sites.