Category Archives: Latest News

Newly Unleashed Alice Malware Targets ATMs to Spit Out Cash

Unlike the RIPPER and SUCEFUL ATM malware, Alice malware isn’t controlled via the ATM’s PIN pad (ATM keyboard). The authors of Alice haven’t focused on code that enables communication between the malware server and the ATM (Automated Teller Machine) through the ATM keypad; instead, they have included a unique module that dispenses the ATM’s cash. Furthermore, it was highlighted that the authors of Alice malware aren’t as experienced as other malware authors, because their concept of collecting and selling payment card data online is too time-consuming and poses a risk of getting caught by the cyber crime branch or the FBI.

Posted in Latest News.

Ransomware Attacks Targeting Businesses Increased Manifold in 2016

Kaspersky Lab has released a report describing a sudden increase in ransomware attacks. Various companies have borne the brunt of ransomware attacks, which rose significantly from January to September 2016. What is most alarming is that this is not the end of the road and the count is still climbing. If the reports are to be believed, ransomware is targeting one in every five businesses worldwide, and the attack rate has surpassed previous records, going from one attack every two minutes to one every forty seconds. For normal computer users the attack rate was even worse: it crossed one attack every 10 seconds in September 2016.

Posted in Latest News.

Osiris: A New Variant of Locky Ransomware Distributed via Excel

Osiris ransomware is a newly identified variant of Locky ransomware that is poised to aggressively hit Windows PCs. The ransomware developers moved away from the Norse gods into Egyptian mythology by using the .osiris file extension. This extension came into use only a couple of weeks after the .aesir file extension. Locky has switched between numerous extensions since its initial appearance in February, when it used the .locky file extension for the files it encrypted. Some other variants that have been spotted are Odin, Thor, and Zepto.

Posted in Latest News.

Cyber Hackers Using Microsoft’s OneDrive For Spreading Malware

Microsoft’s OneDrive For Business Distributes Malware

Security analysts from Forcepoint Security Labs have reported that criminal hackers are using MS OneDrive for Business to distribute malware and viruses. The researchers also identified that the hackers have been using this cloud storage service to host the various payloads linked in spam email campaigns that use social engineering techniques. If the targeted victims fall for the trap, they can be infected with several notorious viruses.

The Forcepoint security analysts used different email samples to demonstrate how the cyber crooks use Microsoft’s OneDrive for Business accounts to spread malware. The notable cases include junk email campaigns in which users receive a few counterfeit invoices or other legitimate-looking information. By using the popular cloud service, the con artists hope to make their malicious links appear more legitimate to victims. The crooks have hacked genuine users’ accounts and used them for malware distribution, which is a nasty tactic.

Posted in Latest News.

Hackers Using Facebook Messenger To Spread Nemucod Downloader and Locky Ransomware

If you come across a Facebook message with an image file in .SVG format sent by any of your FB friends, avoid clicking it. An ongoing Facebook spam campaign is widely spreading a malware downloader among FB users by taking advantage of a legitimate-looking SVG image file in order to infect systems.

If clicked, intentionally or accidentally, the file would eventually infect your computer with the dangerous Nemucod Downloader Trojan and Locky Ransomware (the new variant, the .aesir file virus), which is one of the favorite tools among cyber hackers due to its infecting capabilities. Discovered by the security analyst Bart Blaze, the attack campaign uses Facebook Messenger to spread a malware downloader named Nemucod, which takes the form of an .SVG image file.

Posted in Latest News.

Google Safe Browsing Serves Warnings For Repeat Offender Websites

Are you getting warning notifications in Chrome and other web browsers? Want to know the reason behind this? Read this post through to get the complete information.

Do you know what Repeat Offenders means?

Repeat Offenders are sites that keep switching between compliant and non-compliant behavior in order to game the system. A site that has been hacked or used for malicious purposes will not be categorized as a repeat offender. That tag is reserved solely for sites that host harmful content.

About nine years ago, Google introduced Safe Browsing to protect Chrome users from unsafe sites. Safe Browsing basically serves as an alerting mechanism when users arrive on a site that Google’s web crawlers have determined serves up unwanted software ads, malware, or other social engineering content.

Posted in Latest News.

Malware Researchers Spot Ransomware Virus Evolving into Doxware

Ransomware threats have seen a boom lately, which has pushed cyber security firms to attempt to crack them, making this a cyber war with the average user in the middle. As in any other war, the technology is pushed to its limits and evolves constantly. Ransomware infections have begun to use evasive tactics, powerful encryption, more threatening ransom messages, newer payment procedures, and even live customer support. Not only this, one of the new features, called CBC mode or Cipher Block Chaining, breaks the encrypted files and data if you try to tamper with them.

Now there is a new type of ransomware threat that is growing in popularity and is on another level in terms of the impact the virus can have on your PC. It is known as doxware, a name that comes from the urban term “doxxing”. By definition, ‘doxxing’ or ‘doxing’ usually means the following:

Posted in Latest News.

JapanLocker Ransomware Reported For Locking Websites

JapanLocker Ransomware is a threat that has been specially crafted to work on 32-bit system architectures running Windows Server 2008, 2012 and 2016. It is programmed by online scammers to encrypt files belonging to sites, web app servers and online stores. Unlike various other ransomware programs such as Crypt888 Ransomware, it does not itemize documents and images for encryption. Instead, it prioritizes the encryption of database and index files.

JapanLocker Ransomware usually gets onto the victim’s PC through corrupted plug-ins for the WordPress platform and online store infrastructures such as Volusion, Shopify and Magento. Apart from this, manual hacking can also be responsible for the intrusion of this ransomware. Manual hacking generally occurs when high-profile pages are to be compromised with the ransomware. Often the developers of this program also use corrupted ads capable of getting past automatic filtering to distribute it to users’ PCs.

Posted in Latest News.

RAA Ransomware Updated To Drop Pony Trojan

On 9th September 2016, security experts and malware researchers at Kaspersky Lab announced a new version of RAA ransomware, which is identified as Trojan-PSW.Win32.Tepfer, Trojan-Ransom.JS.RaaCrypt. The newly detected version is written entirely in JavaScript and mainly targets business users. The biggest change in the new version is that the user’s system no longer needs to be online to be encrypted: it can lock all your files even offline, as it does not require communication with a server.

In June 2016, RAA ransomware appeared on the threat landscape, known as the first ransomware written in JScript. Currently RAA ransomware is spread only among Russian users, but it will not be long before it spreads globally. In August 2016, experts at Kaspersky Lab found a new version that is also distributed via email, but the newly released ransomware hides its malicious code in a zip archive attachment.

Posted in Latest News.

Ransomware Using RAR to JavaScript as Email Attachments for Gateway

Ransomware is one of the most widespread viruses, affecting Windows PCs globally via email, since email is used by almost everyone for communication and daily operations. Over the first half of the year, malware researchers observed how hackers leverage file types including VBScript, JavaScript and MS Office files with macros to bypass traditional security solutions. This article details how ransomware has affected the fluctuation in the use of these types of files.

Posted in Latest News.