Malware News and Trends

David Balaban

Top Stories by David Balaban

It's been years since it became obvious that crypto isn't necessarily usable for benign purposes only. Back in the day, a variety of data encryption techniques were contrived to protect sensitive communication against MITM (man-in-the-middle) attacks and similar interception attempts. The creators of file-encrypting ransomware, however, have ventured to add a malicious component to the mix, using both symmetric and asymmetric algorithms to lock their victims' data and hold it for ransom. The most common cryptosystems leveraged in these campaigns are RSA and AES. Although these two have fundamental differences, they are nearly equal as far as the reliability of encryption goes. To top it off, ransom Trojans have evolved over time. The newer variants target files on a computer's local drives, network shares and cloud paths alike. The fact that cloud storage isn't saf... (more)

Zepto extension virus: files restoration and ransomware removal

Crypto ransomware programs come and go, but the idea of online extortion stays and perseveres with its progress. Having vanished from the antimalware radars for a while, the sample called Locky recently reappeared with a number of new features. Researchers consider the latest spike in its propagation to be associated with the so-called Necurs Botnet that the threat actors have begun to leverage after dropping the previous distribution tactics. The updated infection badly tweaks the names of one’s files and appends the .zepto component to those. These are mere external changes, th... (more)

Ransomware Evolution | @CloudExpo #InfoSec #DataCenter #Security

Initially, we came across ransomware which exploited the entire system and just restricted you from interacting with your own device, later on requiring you to pay dollars if you want to go back and use your computer. And then it started becoming obsolete because an end-user. People were asking themselves: “That is my computer, would I pay $100 for it? If I don't really have data, I’d better format my PC and start all over again.” So, that strategy – locking access to computers, started becoming obsolete.  What did the bad guys do?  They realized that the previous strategy was onl... (more)

TeamViewer Security

Although the publisher of TeamViewer takes security seriously and ensures encrypted communication between endpoints and servers through RSA-2048 and AES-256 ciphers, there have been incidents where perpetrators successfully used the app in large-scale hoaxes. It turns out that the Internet scoundrels don't necessarily have to get around the strong crypto defenses to deploy their devious stratagems.

SURPRISE RANSOMWARE INCIDENT

Ransomware, a real scourge of the present-day Internet, has been reportedly circulating over unauthorized TeamViewer sessions. This issue recently got i... (more)

Explorations in Data Destruction 7: Diamond Charge and Blast Suppression

Having conducted enough experiments with the Munroe effect over shaped charges, Zoz decides to try diamond charges and a blast suppression technique. Why not give diamond charge a shot? So I feel good about shaped charges, but there’s one other charge I wanted to try, which is a diamond charge (see right-hand image). The EOD folks use these a lot for cutting. What you do is you create a flat high explosive and you cap it at both sides, and when you set it off the shockwave comes in from both sides, meets in the middle and turns 90 degrees. And you get a jet that comes out eith... (more)