Exploit This

Security News, Exploits, and Vulnerabilities.

Spam and phishing in 2016

2016 saw a variety of changes in spam flows, with the increase in the number of malicious mass mailings containing ransomware being the most significant. These programs are readily available on the black market, and in 2017 the volume of malicious spam is unlikely to fall.

Mobile apps and stealing a connected car

The concept of a connected car, or a car equipped with Internet access, has been gaining popularity for the last several years. By using proprietary mobile apps, it is possible to get some useful features, but if a car thief were to gain access to the mobile device that belongs to a victim that has the app installed, then would car theft not become a mere trifle?

Breaking The Weakest Link Of The Strongest Chain

Around July last year, more than a 100 Israeli servicemen were hit by a cunning threat actor. The attack compromised their devices and exfiltrated data to the attackers’ C&C. In addition, the compromised devices were pushed Trojan updates. The operation remains active at the time of writing this post.

Kaspersky Security Bulletin 2016. Story of the year

Between January and September 2016 ransomware attacks on business increased three-fold –to the equivalent of an attack every 40 seconds. With the ransomware-as-a-service economy booming, and the launch of the NoMoreRansom project , Kaspersky Lab has named ransomware its key topic for 2016.

Spam and phishing in Q3 2016

In the third quarter of 2016, the proportion of spam in email traffic increased by 2 p.p. compared to the previous quarter and accounted for 59.19%. The largest percentage of spam – 61.25% – was registered in September.

The “notification” ransomware lands in Brazil

Unlike the previously reported and now decrypted Xpan ransomware, this same-but-different threat from Brazil has recently been spotted in the wild. This time the infection vector is a more massively propagated malicious campaign relying on traditional spam email.

‘Adult’ video for Facebook users

In April of this year, we registered some mass attacks on Facebook users in Russia. As a result, many Russian-speaking users of the social network fell victim to fraudsters. Half a year later the fraudsters have used the same tactics to attack Facebook users in Europe.

On the StrongPity Waterhole Attacks Targeting Italian and Belgian Encryption Users

What is most interesting about the StrongPity APT’s more recent activity however, is their focus on users of encryption tools, peaking this past summer. In particular, the focus was on Italian and Belgian users, but the StrongPity watering holes affected systems in far more locations than those two.

Polyglot – the fake CTB-locker

In this article, we discuss how it is possible to take advantage of errors made in the implementation of a cryptographic scheme, and how mistakes by malware writers allow us to help users restore their encrypted data.

Banking Trojan, Gugi, evolves to bypass Android 6 protection

We have found a new modification of the mobile banking Trojan, Trojan-Banker.AndroidOS.Gugi.c that can bypass two new security features added in Android 6: permission-based app overlays and a dynamic permission requirement for dangerous in-app activities such as SMS or calls. The modification does not use any vulnerabilities, just social engineering.

%d bloggers like this: