Feed aggregator

Zloader/Terdot – That Man in the Middle

ThreatSTOP - Fri, 07/21/2017 - 19:04

The ZeuS malware family was first seen in July 2007, and is the poster child for long-lasting bots. Zbot, one of the aliases of ZeuS, has a familial relation to Terdot. When ZeuS's source code leaked in 2011, bad actors jumped at the chance to start updating its capabilities based on their campaigns. One of these offspring was Terdot. Malwarebytes has made a study of the ZeuS family, and has noted a recent increase in Terdot/Zloader infections.

Dynamic DNS Providers – Offering Options on IP Addresses

ThreatSTOP - Thu, 07/20/2017 - 23:13

ThreatSTOP has compiled a list of Dynamic DNS (DynDNS) services and providers. The list itself is useful for both blacklists and whitelists.

El Machete Malware is Still "Sharp"

ThreatSTOP - Wed, 07/19/2017 - 19:19

In the rapid cycle of rise and disappearance of malware campaigns, only a few campaigns last for several years. One of these is the El Machete malware, which was first discovered by Kaspersky, and is thought to have been active since 2010.

Magnitude EK: What's Shakin?

ThreatSTOP - Tue, 07/18/2017 - 21:22

The Magnitude EK, active since 2013, is one of the longest-running exploit kits used, with many of its most recent victims coming from Asia. It is usually seen distributing Cerber ransomware.

Winnti Aims to Win the Game

ThreatSTOP - Fri, 07/14/2017 - 00:23

The Winnti group is a Chinese-linked cybercriminal group that is best known for its 2011 attacks against online video game producers.

A Rough Time for Web-browsing: The RoughTed Campaign

ThreatSTOP - Wed, 07/12/2017 - 18:42

One family of malware that even the most vigilant of users has to be careful of is malvertising. Malvertising's dangers come from the fact that malware infection can occur from visiting a common legitimate website, as the malware is embedded within the ads on the website, rather than the website itself.

RIG Exploit Kit Takedown: Operation Shadowfall

ThreatSTOP - Tue, 07/11/2017 - 18:01

Similar to Terror EK, the RIG EK gained a lot of footing in the EK market after the downfall of the Angler, Neutrino, and Nuclear exploit kits.

BankBot and BankBotAlpha – Banking Android Malware

ThreatSTOP - Mon, 07/10/2017 - 21:32

BankBot is malware targeting the Android OS, and has appeared in the Google Play Store in different forms, often impersonating well-known application icons or names.

WildFire Locker – Ransomware Disguised as Missed Delivery

ThreatSTOP - Wed, 07/05/2017 - 18:20

Ransomware operators do not usually target specific victims as a source of money, but this campaign might change that.

Adylkuzz - Quietly Mining Cryptocurrency

ThreatSTOP - Fri, 06/30/2017 - 22:07

In May 2017, the WannaCry ransomware attack was all over the news as what some will say is the biggest cyberattack to date.

DiamondFox Jumps over the Competition

ThreatSTOP - Thu, 06/29/2017 - 19:11

DiamondFox, also known as Gorynych, is a modular malware that highlights the growth of the malware-as-a-service industry. With accessible how-to videos on YouTube showing aspiring cybercriminals how to set up DiamondFox and a user-friendly interface, it’s easy to see how this malware allows even the least sophisticated attacker to potentially compromise victims.

