Exploit This

Security News, Exploits, and Vulnerabilities.

New trends in the world of IoT threats

Cybercriminals’ interest in IoT devices continues to grow: in H1 2018 we picked up three times as many malware samples attacking smart devices as in the whole of 2017. And in 2017 there were ten times more than in 2016. That doesn’t bode well for the years ahead.

LuckyMouse signs malicious NDISProxy driver with certificate of Chinese IT company

Since March 2018 we have discovered several infections where a previously unknown Trojan was injected into the lsass.exe system process memory. This campaign was active immediately prior to Central Asian high-level meeting and we suppose that actor behind still follows regional political agenda.

Threat Landscape for Industrial Automation Systems in H1 2018

In this report, Kaspersky Lab ICS CERT publishes the findings of its research on the threat landscape for industrial automation systems conducted during the first half of 2018.

We know what your kids did this summer

For many kids and teenagers, summer is all about ditching school books in favor of hobbies and fun. Every year we release a report on children’s interests, as reflected in their online activity. This summer, we investigated what they prefer in their free time.

What are botnets downloading?

Every day we intercept numerous file-download commands sent to bots of various types and families. Here we present the results of our botnet activity analysis for H2 2017 and H1 2018.

Loki Bot: On a hunt for corporate passwords

Starting in early July, we have seen malicious spam activity that has targeted corporate mailboxes. Messages discovered so far contain an attachment with an .iso extension, which Kaspersky Lab solutions detect as Loki Bot.

BusyGasper – the unfriendly spy

In early 2018 we found a suspicious Android sample that, as it turned out, belonged to an unknown spyware family. Further investigation showed that the malware, which we named BusyGasper, is not all that sophisticated, but demonstrates some unusual features for this type of threat.

The rise of mobile banker Asacub

We encountered the Trojan-Banker.AndroidOS.Asacub family for the first time in 2015. The Trojan has evolved since then, aided by a large-scale distribution campaign by its creators (in spring-summer 2017), helping Asacub to claim top spots in last year’s ranking by number of attacks among mobile banking Trojans.

Operation AppleJeus: Lazarus hits cryptocurrency exchange with fake installer and macOS malware

While investigating a cryptocurrency exchange attacked by Lazarus, we made an unexpected discovery. The victim had been infected with the help of a trojanized cryptocurrency trading application, which had been recommended to the company over email.

Dark Tequila Añejo

Dark Tequila is a complex malicious campaign targeting Mexican users, with the primary purpose of stealing financial information, as well as login credentials to popular websites that range from code versioning repositories to public file storage accounts and domain registrars.

%d bloggers like this: