In 2020, we experienced a major shift. Much of the world pitched in to limit the spread of the coronavirus, with people changing their daily routines to include a mixture of working from home, standing in socially-distanced lines, and awaiting local rules about what they could and could not do with members of different households. It was a stressful and confusing time, and during it, … [Read more...]
Emotet returns just in time for Christmas
Emotet is a threat we have been tracking very closely throughout the year thanks to its large email distribution campaigns. Once again, and for about two months the botnet stopped its malspam activity only to return days before Christmas. In typical Emotet fashion, the threat actors continue to alternate between different phishing lures whose goal is to social engineer users into enabling … [Read more...]
A week in security (October 26 – November 1)
We had a very busy week at Malwarebytes Labs. We offered advice on Google’s patch for an actively exploited zero-day bug that affects Chrome users, our podcast talked about finding consumer value in Cybersecurity Awareness Month with Jamie Court, we provided guidance about keeping ransomware cash away from your business, pointed out how scammers are spoofing bank phone numbers to rob … [Read more...]
New Emotet delivery method spotted during downward detection trend
Emotet, one of cybersecurity’s most-feared malware threats, got a superficial facelift this week, hiding itself within a fake Microsoft Office request that asks users to update Microsoft Word so that they can take advantage of new features. This revamped presentation could point to internal efforts by threat actors to increase Emotet’s hit rate—a possibility supported by Malwarebytes telemetry … [Read more...]
It’s baaaack: Public cyber enemy Emotet returns to terrorize more victims
This blog post was authored by Jérôme Segura and Hossein Jazi After over four months of absence, the dreaded Emotet has returned with a vengeance. Following several false alarms over the last few weeks, a spam campaign was first spotted on July 13 showing signs of a likely comeback. The Emotet botnets started pushing malspam actively on Friday, July 17, using the same techniques as before. … [Read more...]
A week in security (March 16 – 22)
Last week on Malwarebytes Labs, we concluded our series on child identity theft. We also looked into threat actors and campaigns that ride the COVID-19 train, namely the criminal group APT36 and threat actors purporting to be the World Health Organization (WHO) but instead spreading malware. Lastly, we have tips for those who are working at home to stay secure while social distancing. Other … [Read more...]
A week in security (February 10 – 16)
Last week on Malwarebytes Labs, we explained how to battle online coronavirus scams with facts, discussed the persistent re-infection techniques of Android/Trojan.xHelper and how to remove it, provided cyber tips for safe online dating, and showed how Hollywood teaches us misleading cybersecurity lessons. We also released the 2020 State of Malware Report describing the threat landscape of the … [Read more...]
Malwarebytes Labs releases 2020 State of Malware Report
Malwarebytes Labs today released the results of our annual study on the state of malware—the 2020 State of Malware Report—and as usual, it’s a doozy. From an increase in enterprise-focused threats to the diversification of sophisticated hacking and stealth techniques, the 2019 threat landscape was shaped by a cybercrime industry that aimed to show it’s all grown up and coming after … [Read more...]