Tag Archives: analyses

Tiny Banker Trojan targets customers of major banks worldwide

The Tinba Trojan, aka Tiny Banker, targeted Czech bank customers this summer; now it’s gone global. After analyzing a payload distributed by the Rig Exploit kit, the AVAST Virus Lab identified it as Tinba Banker. This Trojan targets a wide range of banks, including Bank of America, ING Direct, and HSBC. In […]

Self-propagating ransomware written in Windows batch hits Russian-speaking countries

Ransomware steals email addresses and passwords; spreads to contacts. Recently a lot of users in Russian-speaking countries received emails similar to the message below. It says that some changes in an “agreement” were made and the victim needs to check them before signing the document. The message has a zip file in an attachment, which […]

Reveton ransomware has dangerously evolved

The old ransomware business model is no longer enough for malware authors. New additions have made Reveton into a truly dangerous business. The latest generation of Reveton, the infamous “police” lock screen/ransomware, targets new black market business. The authors upped the ante of the despised malware from a LockScreen-only version to a dangerously powerful password […]

Tinybanker Trojan targets banking customers

Tinba Trojan specifically targets bank customers with deceitful debt notice. The Tinba Trojan is banking malware that uses a social engineering technique called spear phishing to target its victims. Recently, targets have been banking customers in the Czech Republic, AVAST Software’s home country. Tinba, aka Tinybanker, was first reported in 2012, when it was active in Turkey. A […]

Are hackers’ passwords stronger than regular passwords?

Hackers use weak passwords just like the rest of us. Nearly two thousand passwords used by hackers were leaked this week, when I tried to decode a PHP shell without knowing the key. Because I did not know the exact content of the encoded file and searching for the key could take me years, I chose a […]

Black marketed Windows banking & POS Trojan Minerva turns in-the-wild

The path from the creation of a malicious program to its delivery onto victims’ computers is long nowadays and involves many different players with the same goal – to make a financial gain. Malware authors usually offer their software to cyber criminals who in turn distribute it via underground forums. This is how they keep their […]

Browser Ransomware Attacks are Massive in Scale

avast! Virus Lab infographic shows how prolific and widespread Browser Ransomware attacks have been over the last three months. During December I wrote about the tricks and tactics of Browser Ransomware. Browser Ransomware is malware that works in different types of browsers to prevent people from using their PCs. To get access back to their […]

WordPress vulnerability puts mobile visitors at risk

Today one of our colleagues came into our office and said, “Hey guys, I’ve been infected.” I thought to myself, yeah, how bad can this be? After a bit of digging we found the results were worth it; it turned out to be a really “interesting” case of mobile redirected threats localized for each […]

Email with subject “FW:Bank docs” leads to information theft

In this blogpost we will look deep into a spam campaign, where unlike other possible scenarios, the victim is infected by opening and running an email attachment. In the beginning of this year, we blogged about a spam campaign with a different spam message – a fake email from the popular WhatsApp messenger. This time […]