Hosts file hijacks

The hosts file is the internet variant of a personal phonebook. We discuss a few malware variants that replace or change that phonebook, so you end up calling the wrong sites. The ones they want you to call.

Read more

Just For Men website serves malware

The website for Just For Men, a company that sells various products for men, had their website breached and was serving a password stealing Trojan. The malicious code embedded in the WordPress site was part of the EITest campaign and pushed the RIG exploit kit.

Read more

A week in security (Sep 04 – Sep 10)

A compilation of notable security news and blog posts from September 4th to September 10th. This week, we talked about a fake Pokémon Go app, a Mac OSX junk app, and some new Google Safe Browsing updates.

Read more

Shakti Trojan: Technical Analysis

Recently, we took a look at the interesting Trojan found by Bleeping Computer. Our small investigation on its background and possible attribution has led us to the conclusion that this threat is in reality not new – probably it has been designed in 2012 for the purpose of corporate espionage operations. Yet it escaped from…

Read more

Shakti Trojan: Document Thief

Recently, Bleeping Computer published a short article about an unrecognized Trojan that grabs documents from the attacked computer and uploads them into a malicious server. Looking at the characteristics of the tool, we suspect that it has been prepared for the purpose of corporate espionage. So far, no AV has given any meaningful identification to this malware—it is detected under generic names. Since not much is known about its internals, we decided to take a closer look.

Read more

Select your language