ANALYSIS When did American cyber security firm FireEye become aware that it had been compromised and its crown jewels — its Red Team tools — stolen?
Researchers from FireEye and Microsoft claim to have discovered a global intrusion campaign, using the Orion network monitoring system sold by SolarWinds, with a trojan being implanted into a file which was part of updates for the product; the compromised file was given the name SUNBURST. The software runs on Windows.
American cyber security company FireEye, which announced a couple of days ago that it had been compromised by unknown attackers who stole its offensive tools, has been accused of having poor Internet-facing security by a British company that specialises in PKI.
Russian security firm Kaspersky is on its Linux propaganda blitz again, this time with a claim that there is a Linux port of a trojan known as RansomEXX. However the company has conspicuously left out one much-needed fact from its post about this malware: the infection vector.
The new kid on the Windows ransomware block, WastedLocker, may be causing foreheads to wrinkle over at companies that fear attacks from this genre of malware, but it has given security firms, like global operator Sophos and Russian company Kaspersky, plenty of meat for their researchers to sink their teeth into.
The free version of CamScanner on Android contains malware; remove it now.
Researchers from security firm Intezer Labs say they have found malware, which they have named HiddenWasp, that targets Linux systems and is not detected by most anti-virus engines.
Security firm Check Point has discovered malware that uses a remote exploit to gain a presence on Linux servers and implant a backdoor trojan, and has dubbed it SpeakUp. The malware can also infect Mac devices.
Slovakian security firm ESET says it has discovered a new Android trojan that combines the capabilities of remotely connected malware with misuse of Android Accessibility services to target PayPal app users.
A new Android trojan, named GPlayed, has been spotted by Cisco's Talos Intelligence Group, which says it has an icon very similar to Google Apps and uses the label "Google Play Marketplace" as a disguise.
Russian authorities have arrested a 32-year-old man who is accused of being the leader of a group that was stealing funds from Russian banks by using a trojan that runs on the Android mobile operating system.
A lone attacker in Nigeria has been found to be responsible for a wave of relatively unsophisticated intrusion attempts into about 4000 companies worldwide.
An Oregon-based maker of macOS and iOS software has had source code for some apps stolen after he downloaded and installed a trojaned version of the open source video transcoder Handbrake.
A mirror download server for the open source video transcoder Handbrake has been compromised and the version for Mac users loaded with a remote access trojan.
Australian users of Microsoft Word are being advised to tread with care as a zero-day that was publicised on the weekend is being used to spread the Dridex banking trojan.
Security vendor Palo Alto Networks has identified Mac malware being used in targeted attacks.
Hummer, Hummingbad, Shedun, Androis_Libskin, right_core … all do similar things. In fact, it has been discovered that they all have the same roots. And they are multiplying faster than rabbits in a good mood.
Users are downloading an app infected with the Hummer trojan, thinking they will get access to YouTube and other Google services, but it secretly roots the Android device, gaining admin-level access. It has infected well over 1 billion devices, making it the number one trojan in the Android world.
The aim of a new Trojan called T9000 is to collect and forward information about Skype users on Windows.
Symantec reports the Android.Bankosy financial Trojan malware can now steal passwords from voice call-based two-factor authentication.