dcsimg

A user’s right to choose: Why Malwarebytes detects Potentially Unwanted Programs (PUPs)

Potentially Unwanted Programs (PUPs): the name says it all. While the programs themselves might have legitimate uses, their vendors often use inappropriate methods to drive downloads or hide within a program bundle. At Malwarebytes, we feel we have an obligation to help protect our customers from PUPs by identifying and detecting them and giving the user the right to choose whether they continue … [Read more...]

2019 State of Malware report: Trojans and cryptominers dominate threat landscape

Each quarter, the Malwarebytes Labs team gathers to share intel, statistics, and analysis of the tactics and techniques made popular by cybercriminals over the previous three months. At the end of the year, we synthesize this data into one all-encompassing report—the State of Malware report—that aims to follow the most important threats, distribution methods, and other trends that shaped the … [Read more...]

How threat actors are using SMB vulnerabilities

Some of the most devastating ransomware and Trojan malware variants depend on vulnerabilities in the Windows Server Message Block (SMB) to propagate through an organization’s network. Windows SMB is a protocol used by PCs for file and printer sharing, as well as for access to remote services. A patch was released by Microsoft for SMB vulnerabilities in March 2017, but many organizations and home … [Read more...]

New Flash Player zero-day used against Russian facility

For the past couple of years, Office documents have largely replaced exploit kits as the primary malware delivery vector, giving threat actors the choice between social engineering lures and exploits or a combination of both. While today’s malicious spam (malspam) heavily relies on macros and popular vulnerabilities (i.e. CVE-2017-11882), attackers can also resort to zero-days when trying to … [Read more...]

New ‘Under the Radar’ report examines modern threats and future technologies

As if you haven’t heard it enough from us, the threat landscape is changing. It’s always changing, and usually not for the better. The new malware we see being developed and deployed in the wild have features and techniques that allow them to go beyond what they were originally able to do, either for the purpose of additional infection or evasion of detection. To that end, we decided … [Read more...]

Teamwork takes down massive ad fraud botnets

On November 27th 2018, the Department of Justice announced the indictment of 8 individuals involved in a major ad fraud case that cost digital advertisers millions of dollars. The operation, dubbed “3ve“, was the combination of the Boaxxe and Kovter botnets which the FBI, in collaboration with the private sector, was able to dismantle. The US CERT advisory indicates that 3ve was … [Read more...]

Why Malwarebytes decided to participate in AV testing

Starting this month, Malwarebytes began participating in the antivirus software for Windows comparison test performed by AV-test.org. This is uncharted territory for us, as we have refrained from participating in these types of tests since our inception. Although recent testing results show Malwarebytes protecting against more than 97 percent of web vector threats and detecting and removing 99.5 … [Read more...]

Introducing Malwarebytes for Chromebook

Have you been thinking about switching over to Chromebook because you don’t need all the built-in software programs of a PC or the sleek design of a Mac? Or perhaps you’ve already made the jump because Chromebooks are so much cheaper than a Windows or Mac system. Either way, did you worry that you would miss using Malwarebytes? You no longer need to be afraid! Malwarebytes for Chromebook We are … [Read more...]

Malwarebytes Labs Cybercrime Tactics and Techniques Report (CTNT) shows shift to business targets in Q3

Once again, it’s that time of year: time for the quarterly Malwarebytes Labs Cybercrime Tactics and Techniques Report. Strap in your seat belts, folks, because the third quarter of 2018 was quite a wild ride. After a sleepy first two quarters, cybercriminals shook out the cobwebs and revved up their engines in Q3 2018. With cryptominers and exploit kits maturing, ransomware ramping up with … [Read more...]

When Endpoint Detection and Response (EDR) is not enough

As cybercriminals continue to validate the reality that no prevention-based security control is going to stop every threat every time, companies are expanding beyond prevention-only approaches and closing the gap with endpoint detection and response solutions. But as we consider this strategy, one pressing question is: How big is the gap? If prevention security isn’t 100 percent effective, how … [Read more...]