26 matches found
Threat Roundup for October 25 to November 1
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 25 and Nov. 1. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
Threat Roundup for June 21 to June 28
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 21 and June 28. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...
Threat Roundup for May 3 to May 10
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 03 and May 10. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
Malware Hunter Crawls Internet Looking for RAT C2s
A new crawler released today by Shodan designed to find command and control servers has already unearthed 5,800 controllers for more than 10 remote access Trojan RAT families. The crawler, called Malware Hunter, poses as an infected computer beaconing out to an attacker’s server waiting for...
ZeroAccess Returns, Resumes Click-Fraud Activity
Long thought dead, the peer-to-peer P2P ZeroAccess botnet has resurfaced, and as of just a few weeks ago, has returned to propagating click-fraud scams. Researchers with Dell’s SecureWorks revealed Wednesday that they witnessed the botnet restart itself from March 21 to July 2, 2014 and that...
Microsoft Says ZeroAccess Click-Fraud Botnet Abandoned
Microsoft is declaring the ZeroAccess botnet dead. Two weeks after obtaining a court order to disrupt the botnet’s ability to carry out click-fraud, assistant general counsel Richard Boscovich of Microsoft’s Digital Crimes Unit said late last week that the botmasters behind ZeroAccess had abandon...
ZeroAccess Peer To Peer Botnet Takedown Incomplete
Microsoft trumpeted its disruption of the ZeroAccess peer-to-peer botnet late last week, but some experts are holding off on scheduling a celebratory ticker-tape parade. With numerous successful takedowns of botnets with a centralized command and control infrastructure in its back pocket, Microso...
Microsoft's Digital Crimes Unit successfully disrupted the ZeroAccess Botnet
None...
microsoft disrupts zeroaccess botnet
Microsoft’s crusade against botnets raged on yesterday as the Redmond, Wash., computer giant and a coalition of law enforcement agencies and Internet security companies disrupted the notorious ZeroAccess botnet. ZeroAccess, or Sirefef as Microsoft likes to call it, is a malware platform that...
Counter.php Redirecting to Sites Peddling Styx Exploit Kit
The Counter.php strain of malware has been spotted in the past redirecting users to a handful of malicious sites and now appears to be leveraging that ability to send victims to websites serving up the Styx exploit kit. According to a post on Securelist today, Vincente Diaz, a researcher with...
65 Sites Compromised in ZeroAccess Trojan Attacks
As many as 65 websites have been compromised in an attack that has snared another Washington, D.C.-area media website as well as a number of travel and leisure sites. While the sites aren’t topically related, they’re all hosting advertisements injected with malicious code hosted on...
Free Beacon Article Redirects to ZeroAccess Rootkit, Fake AV
Update: Aaron Harison, president of the Center for American Freedom, told Threatpost this morning that the issue has been resolved and the site is no longer serving malware. Hackers have latched on to the NSA surveillance story—literally. A news story on the outing of whistleblower Edward Snowden...
Peer-to-Peer Botnet Takedowns a Challenge
The FBI, Justice Department and technology companies have had success shutting down botnets that rely on a centralized infrastructure and command and control servers to communicate with bots, steal data or send malicious commands. Peer-to-peer botnets, however, have proven more difficult to take...
Click-Fraud Falls as Microsoft Fights ZeroAccess Malware
Microsoft said actions it has taken to stymie the ZeroAccess malware have resulted in a drop off in click-fraud traffic. Microsoft Malware Protection Center researchers Tommy Blizard and Nikola Livic made the observation based on a precipitous drop-off in click-traffic on Microsoft’s extended...
More Malware Showing Up as Fake SourceForge Web Sites
Malware developers continue to clone SourceForge Web sites that appear to offer the source code for popular gaming software but are actually peddling malicious code tied to the ZeroAccess Trojan. Julien Sobrier, a security researcher for San Jose-based cloud security provider Zscaler, on Tuesday...
ZeroAccess Botnet Cashing in on Click Fraud and Bitcoin Mining
A mid-year switch in communication protocol and distribution strategy is behind a spike in activity from the ZeroAccess botnet, a prolific and malicious ad click fraud network. Researchers at Kindsight Security Lab reported today that ZeroAccess accounts for 29 percent of home network infections ...
Report: 'Aggressive Adware' More Prevalent Among Android Malware
A new report from Trend Micro showed a 483 percent jump in malware — including “aggressive adware” that harvests person data without permission using legitimate ad networks. It’s no surprise that the open nature of the Android platform makes it a magnet for malware, but the type of malware becomi...
9 million PCs infected with ZeroAccess botnet
In recent months, we've seen the rootkit family Win32/Sirefef and Win64/Sirefef also known as ZeroAccess Botnet update its command and control protocol and grow to infect more computers while connecting to over one million computers globally. Before, disclosed that it creates its own hidden...
Report: Bandwith-Burning Malware Among Biggest Consumer Threats
A new malware report indicates Android malware samples grew three-fold last quarter and that one in every 140 devices connected to mobile networks was infected at some point. Closer to home, about 14 percent of household networks were hit by malware this spring, with a 50 percent increase in...
Blackhole Exploit Kit attack on WampServer & Wordpress sites
Blackhole Exploit Kit attack on WampServer & Wordpress sites Kimberly from Stopmalvertising found Blackhole Exploit Kit on Website of most popular Webserver software site WAMPSERVER. Almost at the bottom of the webpage they notice a Javascript requesting a file from jquery.googlecode.com. The URL...