Notifications

A new variant of the Ryuk Ransomware has been discovered that adds IP address and computer blacklisting so that matching computers will not be encrypted.

This new sample was discovered yesterday by MalwareHunterTeam, who saw that it was signed by a digital certificate. After this sample was examined by security researcher Vitali Kremez, it was discovered that a few changes were made to this variant that were not seen in previous samples.

Kremez found that with this new variant, the ransomware will check the output of arp -a for particular IP address strings, and if they are found, will not encrypt the computer.


Researchers discovered a new JavaScript-based and modular downloader Trojan camouflaged and distributed to targets in the form of game cheats via websites owned by its developers.

The malware was discovered by Yandex, which subsequently sent it over to Doctor Web’s research team for further analysis together with additional info on how the Trojan sample was distributed. The researchers were able to find that the Trojan, dubbed MonsterInstall, uses Node.js to execute itself on the victims’ machines.

“When users attempt to download a cheat they download a password-protected 7zip archive to their computers. Inside there is an executable file, which upon launch will download the requested cheats alongside other trojan’s components,” says Doctor Web.


Cybersecurity researchers have released an updated version of GandCrab ransomware decryption tool that could allow millions of affected users to unlock their encrypted files for free without paying a ransom to the cybercriminals.

GandCrab is one of the most prolific families of ransomware to date that has infected over 1.5 million computers since it first emerged in January 2018.

Created by BitDefender, the new GandCrab decryption tool can now unlock files encrypted by the latest versions of the ransomware, from 5.0 to 5.2, as well as for the older GandCrab ransomware versions.

As part of the “No More Ransom” Project, BitDefender works in partnership with the FBI, Europol, London Police, and several other law enforcement agencies across the globe to help ransomware-affected users.


If you use the Firefox web browser, you need to update it right now. Mozilla earlier today released Firefox 67.0.3 and Firefox ESR 60.7.1 versions to patch a critical zero-day vulnerability in the browsing software that hackers have been found exploiting in the wild.

Discovered and reported by Samuel Groß, a cybersecurity researcher at Google Project Zero, the vulnerability could allow attackers to remotely execute arbitrary code on machines running vulnerable Firefox versions and take full control of them.


Researchers monitoring malware that affects Android devices discovered malicious apps that can steal one-time passwords (OTP) from the notification system. This development bypasses Google’s ban on apps that access SMS and call logs without justification.

Google enforced the restriction earlier this year specifically to lower the risk of sensitive permissions where they are not necessary. In theory, this also translated into stronger protection for two-factor authentication (2FA) codes delivered via the short message service.

Cybercriminals found a way around this limitation and instead tap into the notifications to obtain the sensitive information. This method also opens up the door to getting short-lived access codes that are delivered via email.
