
Formjacking: Are Ransomware and Cryptojacking About to Be Replaced?

Well, let’s start with the good news. Overall, both Ransomware and Cryptojacking saw a noticeable decline during 2018. The not-so-good news is that Ransomware is still a growing threat to enterprises, who saw a 12% increase in attacks compared to the previous year. Additionally, 2018 saw a 30% increase in the number of mobile Ransomware infections – most of which affecting devices in … [Read more...]

A week in security (March 4 – 11)

Last week, Malwarebytes Labs released its in-depth, international data privacy survey of nearly 4,000 individuals, revealing that every generation, including Millennials, cares about online privacy. We also covered a novel case of zombie email that involved a very much alive account user, delved into the typical data privacy laws a US startup might have to comply with on its journey to success, … [Read more...]

Spotlight on Troldesh ransomware, aka ‘Shade’

Despite the decline in the number of ransomware infections over the last year, there are several ransomware families that are still active. Ransom.Troldesh, aka Shade, is one of them. According to our product telemetry, Shade has experienced a sharp increase in detections from Q4 2018 to Q1 2019. When we see a swift spike in detections of a malware family, that tells us we’re in the middle of an … [Read more...]

What K–12 schools need to shore up cybersecurity

Crumbling infrastructure. Gaps in curriculum. Antiquated devices. Difficult COPPA laws. Lack of funding. Those are just a few of the obstacles facing K–12 schools looking to adopt technology into their 21st century learning initiatives. Now add security concerns to the list, and you can see why many schools struggle not only to keep up with consumer technology trends, but also protect against … [Read more...]

How Can Hospitals Protect Themselves from SamSam Ransomware Attacks?

A strain of ransomware called SamSam was released towards the end of 2015 and continues to pose a serious threat to organizations of all sizes. Unlike other forms of ransomware, SamSam is very targeted and frequently updated in order to circumvent anti-virus tools and endpoint protection solutions. SamSam is even able to delete backups – one of our primary safeguards against ransomware attacks. … [Read more...]

2019 State of Malware report: Trojans and cryptominers dominate threat landscape

Each quarter, the Malwarebytes Labs team gathers to share intel, statistics, and analysis of the tactics and techniques made popular by cybercriminals over the previous three months. At the end of the year, we synthesize this data into one all-encompassing report—the State of Malware report—that aims to follow the most important threats, distribution methods, and other trends that shaped the … [Read more...]

A week in security (January 7 – 13)

Last week on the Malwarebytes Labs blog, we took a look at the Ryuk ransomware attack causing trouble over the holidays, as well as a ransom threat for an Irish transportation company. We explored the realm of SSN scams, and looked at what happens when an early warning system is attacked. Other cybersecurity news: Password reuse problems. Multiple Reddit accounts reported being locked out after … [Read more...]

Luas data ransom: the hacker who cried wolf?

In a terrible start to the year for Irish tram firm Luas, their site was compromised a week ago and adorned with a stark ransom warning: You are hacked. Some time ago I wrote that you have serious security holes. You didn’t reply. The next time someone talks to you, press the reply button. You must pay one bitcoin in five days. Otherwise I will publish all data and send emails to … [Read more...]

Ryuk ransomware attacks businesses over the holidays

While families gathered for food and merriment on Christmas Eve, most businesses slumbered. Nothing was stirring, not even a mouse—or so they thought. For those at Tribune Publishing and Data Resolution, however, a silent attack was slowly spreading through their networks, encrypting data and halting operations. And this attack was from a fairly new ransomware family called Ryuk. Ryuk, which made … [Read more...]

Vidar and GandCrab: stealer and ransomware combo observed in the wild

We have been tracking a prolific malvertising campaign for several weeks and captured a variety of payloads, including several stealers. One that we initially identified as Arkei turned out to be Vidar, a new piece of malware recently analyzed in detail by Fumik0_ in his post: Let’s dig into Vidar – An Arkei Copycat/Forked Stealer (In-depth analysis). In Norse Mythology, Víðarr is a god and son of … [Read more...]