Exploit This

Security News, Exploits, and Vulnerabilities.

Brazilian banking Trojans meet PowerShell

Brazil is the most infected country worldwide when it comes to banking Trojans, and the quality of the malware is evolving dramatically. Now Brazilian bad guys have made an important addition to their arsenal: the use of PowerShell.

PNG Embedded – Malicious payload hidden in a PNG file

This is what we found in a new Brazilian Trojan in the wild: it tries to conceal the malicious files in a PNG image. And the attack starts with a simple phishing PDF.

PlugX malware: A good hacker is an apologetic hacker

Sometimes malware writers put messages in their malware. We found one such message in a PlugX dropper. And it was pretty melodramatic…

Chthonic: a new modification of ZeuS

In the fall of 2014, we discovered a new banking Trojan, which caught our attention for two reasons…

A nightmare on malware street

Another ransomware has been spotted in the wild lately, branded as ‘CoinVault’.

Brazilian Trojan Bankers – now on your Android Play Store!

It took some time but they’re finally here – Brazilian cybercriminals have started to target their attacks towards mobile banking users.

Android NFC hack allow users to have free rides in public transportation

More and more people keep talking about the feature of payments via NFC. The problem in this particular case is that somebody reversed the “Tarjeta BIP!” cards and found a means to re-charge them for free.

Android Backdoor disguised as a Kaspersky mobile security app

This week, our virus lab handled a case where a customer received a phishing email with an Android Backdoor archive masquerading as a Kaspersky mobile security app.

Android Worm on Chinese Valentine’s day

On August 2, the Chinese Valentine’s Day, an Android SMS worm struck China. It is called XXshenqi.apk. In the space of six hours, it infected about 500,000 devices.

elasticsearch Vuln Abuse on Amazon Cloud and More for DDoS and Profit

A couple weeks ago, my colleague Mikhail K posted on the “versatile linux DDoS trojan”, with analysis of several bots, including a bot implementing some extraordinary DNS amplification DDoS functionality. Operators of these bots are currently active, and we observe new…
