Shining a light on “Silent Night” Zloader/Zbot

The latest Malwarebytes Threat Intel report focuses on Silent Night, a new banking Trojan recently tracked as Zloader/Zbot.

When three isn’t a crowd: Man-in-the-Middle (MitM) attacks explained

Maybe it’s the quirky way some tech writers abbreviate it, or the surreal way it reminded you of that popular Michael Jackson song. Whatever triggers you to remember the term, for most of us, man-in-the-middle embodies something familiar yet mysterious. Let’s get to know this threat a little bit better, shall we?

Household improvement emails come with Zbot malware

Malicious emails are in circulation claiming to contain an invoice from a kitchen appliance company, but instead contain the dangerous Zbot.

‘Dyre’ malware goes after Salesforce users

The threat known as Dyre was originally spotted by security firm CSIS and by PhishMe, which had also uncovered the new malware earlier in June.

Back then, the threat was aimed at banks and other financial institutions, something very reminiscent of other banking Trojans such as Zeus and its variants.

But researchers discovered that the malware is now capable of capturing login credentials from Salesforce users by redirecting them through a phishing website.

Dyre will initially infect users through some form of social engineering, typically with an email that contains a malicious attachment. Once on the system, the malware can act as a man-in-the-middle and intercept every single keystroke. To be clear, this is not a vulnerability with Salesforce or its website, but rather a type of malware that leverages compromised endpoint machines.

Hiding in plain sight: a story about a sneaky banking Trojan

A new variant of the Zeus/Zbot trojan, dubbed ZeusVM, is using images as a decoy to retrieve its configuration file, and waits to steal banking info.

Using Good Code for Bad Things

See how malware takes good code and makes it bad.

Facebook Virus That Drains Your Bank Accounts: What You Need to Know

Awareness and education about online dangers are essential, but headlines like “Malware That Drains Your Bank Account Thriving On Facebook” instill fear while at the same time blaming Facebook — something that may not be entirely justified.

Citadel: a cyber-criminal’s ultimate weapon?

In old times, a citadel was a fortress used as the last line of defense. For cyber criminals it is a powerful and state-of-the-art toolkit to both distribute malware and manage infected computers (bots). Citadel is an offspring of the (too) popular Zeus crimekit whose main goal is to steal banking credentials by capturing keystrokes…

Malwarebytes @ DefCon: The Wrap-Up

As mentioned last week, the Malwarebytes crew made it out to DefCon this year to check out all of the interesting talks and presentations given by various members of the computer/intelligence security community. This blog is meant to summarize most of what we saw, giving a brief explanation of which talks we thought were the…
