Securelist analysis

Securelist - Information about Viruses, Hackers and Spam » We have been detecting attacks that have employed the use of this backdoor since at least 2015 and refer to it as Travle. Coincidentally, KL was recently involved in an investigation of a successful attack where Travle was detected, during which we conducted a deep analysis of this malware. Read Full Article · no-image. Securelist.com

Locky: the encryptor taking the world by storm - Securelist » Apr 6, 2016 ...The Trojan has been actively propagating up to the present day. Kaspersky Lab products have reported attempts to infect users with the Trojan in 114 countries around the world. Analysis of the samples has shown that this Trojan is a brand new ransomware threat, written from scratch. So, what is Locky,... Securelist.com

Securelist (@Securelist) | Twitter » The latest Tweets from Securelist (@Securelist). The resource for Kaspersky Lab experts' technical research, analysis, and thoughts. Worldwide. Twitter.com

Analysis of, Malware from the MtGox Leak Archive - Securelist » Mar 14, 2014 ...A few days ago the personal blog and Reddit account of MTgox CEO, Mark Karpeles, were hacked. Attackers used them to post a file, MtGox2014Leak.zip, which they claim contains valuable database dumps and specialized software for remote access to MtGox data. But this application is actually malware... Securelist.com

Bad Rabbit ransomware - Securelist » Oct 24, 2017 ...No exploits were used, so the victim would have to manually execute the malware dropper, which pretends to be an Adobe Flash installer. However, our analysis confirmed that Bad Rabbit uses the EternalRomance exploit as an infection vector to spread within corporate networks. The same exploit was... Securelist.com

Malware Reports — Malware Archaeology » Aug 2016 - SecureWorks - Malware lingers with BITS. https://www.secureworks. com/blog/malware-lingers-with-bits. Aug 2016 - Kaspersky - Project Sauron - Top level cyber-espionage platform covertly extracts encrypted government comms. https://securelist.com/analysis/publications/75533/faq-the-projectsauron-apt/. Malwarearchaeology.com

Appendix: Analysis of the Mokes/SmokeBot backdoor from the incident » Appendix: Analysis of the. Mokes/SmokeBot backdoor from the incident. This is a technical analysis of the Mokes/SmokeBot malware sample involved in the incident. Sample technical information: MD5: a82c0575f214bdc7c8ef5a06116cd2a4. Size: 793,088 bytes. The file is a self- extracting CAB archive. Contents of the... Kasperskycontenthub.com

industrial control systems and their online availability » 1 https://securelist.com/blog/research/73440/blackenergy-apt-attacks-in-ukraine- employ-spearphishing-with-word- documents/. 2 http://www.verizonenterprise. com/verizon-insights/data-breach-digest/2016/. 3 https://securelist.com/analysis/ kaspersky-security-bulletin/72886/kaspersky-security-bulletin-2015-top-security-. Kasperskycontenthub.com

ShadowPad » At the time of analysis the domain was registered with the following WHOIS information: Domain Name: NYLALOBGHYHIRGH.COM. Registry Domain ID: 2146218329_DOMAIN_COM-VRSN. Registrar WHOIS Server: whois.namesilo. com. Registrar URL: http://www.namesilo.com. Updated Date: 2017-07-24T06:41 :22Z. Cdn.securelist.com

CozyDuke: Malware Analysis » Feb 13, 2012 ...we believe the CozyDuke toolset is used by at least one malicious actor who also uses, or at the least shares, infrastructure with actors using the known threats, MiniDuke and OnionDuke. TLP: WHITE. F-SECURE LABS. SECURITY RESPONSE. Malware analysis. Whitepaper. CONTENTS. Introduction. 2. F-secure.com