ftp


Although bitcoin miners have been used by cybercriminals before as a way to monetize their malicious activities, this recent sample (MD5: 522f8ba8b2dec299cc64c0ccf5a68000) caught our attention because it is unusually heavy, persistent, and obfuscated. Fortinet detects this threat as W32/Miner. (3) Threat Description: This malicious bitcoin miner is, in fact, a container of multiple files. Since NSIS (Nullsoft Scriptable Install System) was used to create the malware sample, the files that it contains can be seen using a file archiver such as 7-Zip....
by Lilia Elena Gonzalez Medina  |  Jun 14, 2016  |  Filed in: Security Research
Spear phishing attacks are increasing today, and the FBI has even issued a warning to the public due to their ability to target multiple organizations. Such attacks are considered part of APTs (Advanced Persistent Threats), which attempt to gain a foothold in the network of an organization. Recently, my email inbox has received two spam emails with suspicious attachments. A screenshot of one of the emails can be seen below: Figure 1: Spam email. I have collected the attachments of the two emails and found that they are the same file, which...
by Danny Choi  |  Aug 27, 2013  |  Filed in: Security Research