Category Archives: Malware

Fake Apps Take Advantage of Super Mario Run Release

By | December 20, 2016

Earlier this year, we talked about how cybercriminals took advantage of the popularity of Pokemon Go to launch their own malicious apps. As 2016 comes to a close, we observe the same thing happening to another of Nintendo’s game properties: Super Mario. The Super Mario franchise has been a key part of Nintendo’s video game business, with multiple title… Read more »

Fake Apps Take Advantage of Mario Run Release

By | December 20, 2016

Earlier this year, we talked about how cybercriminals took advantage of the popularity of Pokemon Go to launch their own malicious apps. As 2016 comes to a close, we observe the same thing happening to another of Nintendo’s game properties: Super Mario. The Super Mario franchise has been a key part of Nintendo’s video game business, with multiple title… Read more »

Avalanche: Thwarting Cybercriminal Hazards with Law Enforcement Collaboration

By | December 7, 2016

On November 30th, an international law enforcement operation stamped out Avalanche, a large-scale content and management platform designed for the delivery of bullet-proof botnets. Avalanche’s scale and scope spanned victims from 180 countries, over 800,000 domains in 60+ top-level domains (TLD), more than one million phishing and spam e-mails, 500,000 infected machines worldwide, and 130TB… Read more »

New SmsSecurity Variant Roots Phones, Abuses Accessibility Features and TeamViewer

By | December 1, 2016

By Jason Gu (Mobile Threat Response Engineer). In January of 2016, we found various “SmsSecurity” mobile apps that claimed to be from various banks. These apps supposedly generated one-time passwords (OTPs) that account holders could use to log into the bank; instead they turned out to be malicious apps that stole any password sent via SMS messages.… Read more »

BLACKGEAR Espionage Campaign Evolves, Adds Japan To Target List

By | October 27, 2016

By Joey Chen and MingYen Hsieh. BLACKGEAR is an espionage campaign which has targeted users in Taiwan for many years. Multiple papers and talks have been released covering this campaign, which used the ELIRKS backdoor when it was first discovered in 2012. It is known for using blogs and microblogging services to hide the location of… Read more »

FastPOS Updates in Time for the Retail Sale Season

By | October 5, 2016

Most point-of-sale (PoS) threats follow a common process: dump, scrape, store, exfiltrate. FastPOS (initially detected by Trend Micro as TSPY_FASTPOS.SMZTDA) was different in the way it removed a middleman and went straight from stealing credit card data to directly exfiltrating them to its command and control (C&C) servers. FastPOS was true to its moniker: pilfer data… Read more »

Untangling the Ripper ATM Malware

By | September 30, 2016

Last August, security researchers released a blog discussing a new ATM malware family called Ripper which they believe was involved in the recent ATM attacks in Thailand. Large numbers of ATMs were also temporarily shut down as a precautionary measure. That analysis gave an overview of the techniques used by the malware, the fact that it targets three major ATM vendors, and… Read more »