
Malware


Kirk Ransomware Based on Star Trek Theme

Kirk is a newly discovered ransomware. It is similar in function to other ransomware, but its authors (presumably fans of Gene Roddenberry’s iconic TV series) have borrowed character names for the encryption and decryption components. Two notable items related to Kirk are: The program is written in Python, which is quite uncommon for ransomware. The …

Felismus Malware

Felismus is a sophisticated Remote Access Trojan (RAT) and, to date, has been used in highly targeted campaigns. RATs allow an attacker to access the infected machine in much the same way one would access a remote machine using TeamViewer, WebEx, or Windows Remote Terminal, however without the infected user’s knowledge or consent. Felismus implements …

Jigsaw Ransomware

Jigsaw is the latest in a spate of Ransomware that encrypts files and offers to sell the victim a decryption key to get their data back.  Adding a new twist, Jigsaw threatens to delete one file every hour if the ransom is not paid in a timely manner. Jigsaw is capable of encrypting files that …

PowerWare – A malware built on lies

A couple of weeks ago the folks at Carbon Black discovered a new Ransomware strain that they dubbed “PowerWare”. What makes PowerWare interesting is its ability to encrypt files using the Windows PowerShell scripting language. Unlike other Ransomware, PowerWare doesn’t need to install a binary on the infected machine. When enabled, Macros inside a weaponized …

Mighty TeslaCrypt

Ransomware is not a new concept. Some early examples such as GpCode spread as early as 2006, but the recent surge of new highly advanced Ransomware is like nothing the world has ever seen. Most of what we see today can be traced back to CryptoLocker and CryptoWall. These two ransomware families alone have netted their …

Cerber Ransomware

“Cerber” is widely believed to have been developed by Russian coders and is the latest in a rash of ransomware spotted by SlashNext Labs. It is distributed through Russian Hacking forums and is marketed by its developers as Ransomware-as-a-Service or RaaS, allowing them to earn a small commission on each payment the ransomware generates. When …

The Rise of Ransomware

Hackers have found a new drug: ransomware. Ransomware encrypts data and then holds your files hostage until a ransom is paid. Like all addictive drugs, ransomware provides hackers with instant gratification, and it is also bringing them hefty profits. One of the great advantages of cloud computing is the ability to aggregate and anonymously share …

Carbanak – A new cyber crime wave

Carbanak is a family of trojans most recently involved in the compromise of several banks. It is estimated that Carbanak attacks are responsible for approximately $1 billion in worldwide losses. Carbanak is being cited as one of the largest cybercrime campaigns ever deployed. It also marks a very significant shift in the techniques used …

Deep Panda: Polymorphism at its best

In our previous blog we talked about a Chinese threat actor named Deep Panda who used a well-known malware family, Sakula, to infiltrate Anthem’s network. We at SlashNext Labs track these types of threat actors and the tools they use as part of our daily routine. We have a comprehensive association database named xIntel, using which we …

Anthem Breach

The Anthem breach was one of 2014’s most significant data breaches. Attackers are believed to have exfiltrated the records of millions of Anthem customers. It is widely believed that the attackers started penetrating the Anthem network around Jan 2015, but our research indicates otherwise. We believe that the attack on Anthem’s network began around April …