dcsimg

Maze: the ransomware that introduced an extra twist

An extra way to create leverage against victims of ransomware has been introduced by the developers of the Maze ransomware. If the victim is not convinced that she should pay the criminals because her files are encrypted, there could be an extra method of extortion. Over time, more organizations have found ways to keep safe copies of their important files or use some kind of rollback technology to … [Read more...]

A week in security (December 16 – 22)

Last week on Malwarebytes Labs, we signalled that Mac threat detections have been on the rise in 2019, discussed how a new Consumer Online Privacy Rights Act (COPRA) would empower American users, warned that the Spelevo exploit kit debuts a new social engineering trick, and let our own Statler and Waldorf take you through a decade in cybersecurity fails: the top breaches, threats, and ‘whoopsies’ … [Read more...]

Spelevo exploit kit debuts new social engineering trick

2019 has been a busy year for exploit kits, despite the fact that they haven’t been considered a potent threat vector for years, especially on the consumer side. This time, we discovered the Spelevo exploit kit with its virtual pants down, attempting to capitalize on the popularity of adult websites to compromise more devices. The current Chromium-dominated browser market share favors … [Read more...]

Exploit kits: fall 2019 review

Despite a slim browser market share, Internet Explorer is still being exploited in fall 2019 in a number of drive-by download campaigns. Perhaps even more surprising, we’re seeing new exploit kits emerge. Based on our telemetry, these drive-bys are happening worldwide (with the exception of a few that are geo-targeted) and are fueled by malvertising most often found on adult … [Read more...]

Exploit kits: summer 2019 review

In the months since our last spring review, there has been some interesting activity from several exploit kits. While the playing field remains essentially the same with Internet Explorer and Flash Player as the most-commonly-exploited, it is undeniable that there has been a marked effort from exploit kit authors to add some rather cool tricks to their arsenal. For example, several exploit kits … [Read more...]

Exploit kits: spring 2019 review

Exploit kit activity remains fairly unchanged since our last winter review in terms of active distribution campaigns. But this spring edition will feature a new exploit kit and another atypical EK, in that it specifically goes after routers. The main driver behind these drive-by download attacks are various malvertising chains with strong geolocation filtering. This explains why some exploit … [Read more...]