MENUMenuIcon OUR STORY

SLASHNEXT LABS

THE KNOWLEDGE CENTER

BLOG

VIEW CATEGORIESHIDE CATEGORIES
Atif Mushtaq Atif Mushtaq

Think Outside the Sandbox

General

Over the past decade, our industry has been plagued by a losing game of cat-and-mouse against street-smart hackers who continually find new ways to compromise Internet-connected devices. Enhanced security of modern browsers and automatic software updates are creating a shift in their strategy, so hackers are now paying attention to the most vulnerable and the …

November 7th 2017

Icon Read More
SlashNext Labs SlashNext Labs

SyncCrypt Ransomware

Malware, Ransomware, Social Engineering Attacks

SlashNext has observed a major increase in malicious spam (malspam), email based attacks that distribute ransomware through email attachments. In fact, a new ransomware was discovered just last week distributing spam attachments containing Windows Script File (WSF). Windows Script File (WSF) allows a mix of scripting languages like Jscript and VBScript within a single file. …

September 30th 2017

Icon Read More
SlashNext Labs SlashNext Labs

JS based PHP Ransomware

Malware, Ransomware, Social Engineering Attacks

Malicious spam campaigns are among hackers’ favorite delivery channels for spreading malware to their targets. Recently, we have observed a malspam campaign delivering ransomware by spam email attachments containing a “.js” file named “UPS-Receipt-01878098.doc.js”. On execution, this “.js” script downloads a PHP file which infects the user’s computer with ransomware. So, we named this ransomware …

September 30th 2017

Icon Read More
SlashNext Labs SlashNext Labs

Malspam Pushing BTCWare (OCEAN VARIANT) Ransomware

Malware, Ransomware, Social Engineering Attacks

We recently observed a Malicious Spam campaign that pushes ransomware targeting Windows hosts. The adversary sends a zip archive in email without text in the message body. This zip archive is double coated – a zip archive within a zip archive. The second zip archive includes a JavaScript (.js) file which contains malicious content. The …

September 12th 2017

Icon Read More
SlashNext Labs SlashNext Labs

Credential Stealing with Scareware

Phishing, Social Engineering Attacks

Sony and Anthem, two of the largest internet breaches between 2014 and 2015, started with a simple phishing attacks targeted at corporate employees. These phishing attacks convinced unsuspecting employees to visit a website that introduced a malware into their systems. In the case of the Sony breach, the phishing emails appeared to be sent by …

August 30th 2017

Icon Read More