SlashNext Labs

Malspam Pushing BTCWare (OCEAN VARIANT) Ransomware

Malware, Ransomware, Social Engineering Attacks

We recently observed a malicious spam campaign that pushes ransomware targeting Windows hosts. The adversary sends a zip archive by email with no text in the message body. This zip archive is double coated – a zip archive within a zip archive. The second zip archive includes a JavaScript (.js) file which contains malicious content. The …

September 12th 2017

SlashNext Labs

Credential Stealing with Scareware

Phishing, Social Engineering Attacks

Sony and Anthem, two of the largest internet breaches between 2014 and 2015, started with simple phishing attacks targeted at corporate employees. These phishing attacks convinced unsuspecting employees to visit a website that introduced malware into their systems. In the case of the Sony breach, the phishing emails appeared to be sent by …

August 30th 2017

SlashNext Labs

Evolution of Scareware Scams

Phishing, Social Engineering Attacks

**YOUR COMPUTER HAS BEEN BLOCKED** Error # 3658eebc53c4218 Please call us immediately at: (8**) 77**-528* Have you ever seen pop-ups in your browser window showing these types of scary warnings? If yes, you are not alone. These pop-ups vary in terms of messaging. Some of them literally scream (using text to speech) that your computer is infected …

May 3rd 2017

SlashNext Labs

Rise and Fall of Sandboxes

General

Antivirus software initially relied heavily on signatures to identify malware and other object-based threats. Indeed, even today’s AV products still primarily use a signature engine for detection. Signatures were and are determined when a piece of malware (or malicious file object) arrives in the hands of an antivirus firm and is analyzed by malware researchers …

April 4th 2017

SlashNext Labs

Kirk Ransomware Based on Star Trek Theme

Malware, Ransomware

Kirk is a newly discovered ransomware. It is similar in function to other ransomware, but its authors (presumably fans of Gene Roddenberry’s iconic TV series) have borrowed character names for the encryption and decryption components. Two notable items related to Kirk are: The program is written in Python, which is quite uncommon for ransomware. The …

April 4th 2017
