We recently came across a compromised website pushing out a payload that belongs to the Pushdo botnet, a botnet reportedly controlled by a well-funded Eastern European Cybercrime group. This botnet has often been closely associated with the Cutwail spam botnet. In the past, the Cutwail group would spam out payloads for the Pushdo botnet, which […]
We have been fighting the W32.Changeup family of worms for a long time and have written about it many times Figure 1. W32.Changeup prevalence One characteristic of W32.Changeup is that it is written in Microsoft Visual Basic 6.0 and the viral part of its program code is seen in the program file, but […]
In the past few weeks we have been following the relatively new “police ransomware” family we call Trojan:HTML/Browlock. This ransomware is very simple, and just uses the browser to display a lock screen demanding the victim to pay a fake fine and plays tricks to prevent closing the browser tab.Since we first saw it targeting […]
Latest Comments