Three Malware Predictions for the Remainder of 2014

Posted by Hugh Docherty on Mon, Aug 25, '14

As summer is drawing to a close, it is useful to take a quick look ahead to the end of the year to determine what we can expect on the malware front. After all, 2014 has brought about many new developments in malware. In this blog post, we explore a few malware predictions for the balance of the year.

Topics: Malware

Malaysian Boeing 777: Cybercriminals Capitalize on Tragedy Once Again

Posted by Brendan Griffin on Thu, Jul 24, '14

It’s not the first time, and unfortunately, it won’t be the last time. Cybercriminals have once again exploited a tragic situation in order to expand their reach in malware distribution. 

News stories with a high level of public interest are most vulnerable to this type of activity. We’ve seen it before: the Boston Marathon bombing, the Texas fertilizer plant explosion and (much happier news) the birth of the royal baby.

Topics: Malware

ASProx Responsible for Several Attacks, Including E-ZPass, Court Case

Posted by Brendan Griffin on Wed, Jul 16, '14

Last week, we talked about a spam campaign targeting the E-ZPass brand, which provides electronic toll collection to several state departments of transportation. Given the high level of interest in this threat, we’re here with an update that provides some additional context.

ASProx, the malware behind the E-ZPass threat, has used at least a half dozen email templates over the past nine months. Both malicious URLs and hostile attachments have been used to distribute the malware. Several brands have been falsely represented in this attempt to deliver ASProx. Cybercriminals sent email campaigns appearing to come from WhatsApp, several large retailers, airlines and even the US District Court Systems and other legal entities, such as law firms. This effort began in Fall of 2013 and continued into the first part of this year. The shift toward legal notices began in January 2014. Most prolifically, this malware claims to deliver a notice of a court date that the recipient must attend after completing the attached legal documents.

Topics: Malware

How Spammers Are Filling the Gameover Zeus Void

Posted by Brendan Griffin on Mon, Jul 7, '14

Spammers are filling the Gameover Zeus void by deploying other malware varieties—many of which represent threats which have not previously utilized spam email as their vector for distribution.

Malcovery’s analysts identified one such threat on June 18, 2014. The new malware was distributed using a number of common spam email templates associated with the notorious Cutwail spamming botnet. The attacker also used a sophisticated attack vector: a PDF document designed to silently download and install botnet malware, which was in turn used to distribute the new malware. This first botnet malware was deployed as a means to sneak any number of additional malware binaries through defenses and execute them within the already-infected environment.

Topics: Malware

How Email Content Distributes Malware

Posted by Brendan Griffin on Thu, Jun 5, '14

A cybercriminal has successfully delivered a hostile spam email. What happens next? The unknowing victim must allow his machine to be infected with the malware sample. In this post, we explore how email content distributes malware.

Topics: Malware

   