Last year, we reported about PlugX a breed of Remote Access Trojan (RAT) used in certain high-profile APT campaigns. We also noted some of its noteworthy techniques, which include its capability to hide its malicious codes by decrypting and loading a backdoor “executable file” directly into memory, without the need to drop the actual “executable […]
A new “ransomware” campaign uses a novel approach to extort money from Internet users. It locks your computer and displays a localized webpage that covers your desktop and demands the payment of a fine for the possession of banned material.The following system changes may indicate the presence of this malware:<startup folder>\<random file name>.dll.lnk<startup folder>\<random file […]
For some time now, attackers have been faking popular websites like YouTube to entice users into downloading and installing malicious software disguised as plugin updates or video codecs. I rcently found a page that is using the same technique to distribute a malicious executable through a fake UPS page. The page is located at hxxp://www.retinamac.ru/UPS/. […]
Latest Comments