A week in security (September 10 – 16)

A roundup of the security news from September 10–16, including omnichannel fraud, ways to get back at scammers, the security of 2FA, and partnerstrokas.

Process Doppelgänging meets Process Hollowing in Osiris dropper

Process Doppelgänging, a rare technique of impersonating a process, was discovered last year, but hasn’t been seen much in the wild since. It was an interesting surprise, then, to discover its use mixed in with Process Hollowing, yet another technique, in a dropper for the Osiris banking Trojan.

Fake Fortnite for Android links found on YouTube

The extremely popular video game Fortnite is coming to Android sometime this summer, and the fanbase is going wild. Not surprisingly, mobile malware developers are taking advantage. Already, there are several videos on YouTube with links claiming to be versions of Fortnite for Android. Spoiler alert: they’re fake.

An in-depth malware analysis of QuantLoader

QuantLoader is a Trojan downloader that has been used in campaigns serving a range of malware, including ransomware, banking Trojans, and RATs. In this post, we’ll take a high-level look at the campaign flow, as well as a deep dive into how the malware executes.

Bogus hack apps hack users back for cryptocash

Recently, we discovered a gold mine of fake hack apps that mine for Monero cryptocurrency and serve up annoying adware.

Lo lo lo Loapi Trojan could break your Android

Loapi Trojan discovered on Android devices—a downloader, dropper, adware app, and SMS Trojan all in one—could literally blow up your phone. Read on to learn how to protect against it.

Seamless campaign serves RIG EK via Punycode (updated)

The most prolific gate to the RIG exploit kit is coming in a different flavor. The Seamless campaign is now using a domain name with foreign characters translated by Punycode.

A week in security (November 20 – November 26)

Learn what happened in the world of security during the week of November 20 to November 26.

Terdot Trojan likes social media

The Terdot Trojan is a banker, but it loves to steal your social network credentials as well.

Analyzing malware by API calls

As an alternative to reverse engineering malware that is protectively packed, we look at the option of analyzing malware by API calls to determine what a file might be up to.
