Just a quick one to remind everybody that the Petya or NotPetya or whatever it will turn out to be called running riot throughout Europe and other parts of the world encrypting computers seemingly without any method of stopping it at the moment isn’t the only malware around. Users are … Continue reading →
An email with the subject of Fattura n.9171 del 27/06/17 pretending to come from random Italian email addresses with a Excel XLS spreadsheet attachment delivers what is most likely Zeus Panda Banking Trojan. The usual suspects on VirusTotal detect these as Sage crypt. Experience tells me these are more likely to … Continue reading →
Overnight we have seen another mass Japanese Malspam campaign with a change to the malware downloaders delivering some sort of malware that is being detected on VirusTotal as a ransomware. I am not certain that is a correct detection. This gang traditionally deliver Ursnif / Gozi banking Trojan and it has … Continue reading →
An email with the subject of *CONFIRM ORDER AND REVISE INVOICE* pretending to come from admin@ random company with a malicious word doc attachment. This word doc is actually a RTF file that uses what looks like the CVE-2017-0199 exploit, although this looks quite different to previous versions I have seen. At … Continue reading →
We see loads of 419 scams which always ask for an advance fee somewhere down the line. We have been seeing some coming from genuine Government email addresses and servers in different parts of the world. This example comes from the Paraguay Ministry of Justice. Dr matti lahteenma <info@ministeriodejusticia.gov.py> The … Continue reading →
Continuing with the never ending series of malware downloaders is an email with the subject of Invoice 4903 coming or pretending to come from what are most likely random email addresses ( I have only received 1 copy so far) with a .cab attachment. Cab files are a Microsoft specific form of … Continue reading →
Continuing with the never ending series of malware downloaders is an email with the subject of Receipt to print coming or pretending to come from random companies, names and email addresses with a semi-random named zip attachment which delivers some malware. I don’t know what this is yet. Earlier WSF files today … Continue reading →
By continuing to use the site, you agree to the use of cookies. more information
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.
