News category archyve:

WatchBog is a malicious Trojan that attacks Linux servers. Therefore, it doesn’t seem to bother most of the regular computer users who are bound to be using either Windows or Mac OS machines. Nevertheless, we would like to tell you more about WatchBog, and what it is capable of. This entry will not deal with the Trojan removal because of the way it works. Please use this description to learn more about types of malware and what they do to various computer systems. Also, we always recommend exercising caution when you encounter unfamiliar content online. It is good to remember that malware infection could be just one click away. Read more »

In this article, we discuss a highly capable malicious application called Skidmap. Since it was designed to infect Linux systems, you have no reason to worry about it if your computer is running Windows. Unfortunately, Linux users have a couple of reasons to fear this threat as it can not only misuse a device to mine cryptocurrencies but also allow the malware’s creators to gain access to infected systems. The worst part is that the malicious application is well at hiding and can run unnoticed. Meaning, its victims may not realize it is on their machines. Read more »

When you stay at a hotel, the last thing you want to worry about is whether or not your credit card data is safe. Well, if ShellTea has silently invaded the network of the hotel you are staying at, this data is not safe. Of course, there is nothing you can do about it because it is the hotel’s responsibility to take care of this. This malware was created by FIN8, and Morphisec Labs observed it attacking operating systems in the spring. Unfortunately, it is impossible to say whether or not there will be no other attacks from this group targeting hotels. In fact, the last time this malware was seen was back in 2017, and so we really cannot know when this malware will strike next. Read more »

Do you ever wonder what to do with email scams that reach you? The easiest answer is to delete them from your inbox at once. However, sometimes users fall for these scams, and so we feel obliged to talk about the scam that could cause some trouble.

This time, we would like you to pay attention to the 'My Trojan Captured All Your Private Information Email' Scam. It is an old email spam campaign, and there is no trick behind its removal. You simply need to ignore its contents and delete the message without even checking it. Read more »

Reports suggesting that banking malware is on the rise once again keep coming out, and so it is important to remind ourselves how this malware operates. In this report, we analyze Catelites, an infamous banking malware that used fake apps on Android to attack unsuspecting users. This malicious threat was used primarily as a data stealer, and while it was, most likely, used to steal login credentials from banking apps, it could have stolen logins from any app that the user was opening. The only condition was that the infection could create an overlay for this app. Read more »

Our email inboxes have not been safe for years now, but we continue to get tricked into opening misleading messages sent by schemers and cybercriminals. Some of them are set up to trick us into disclosing personal information. Others are employed to scam us out of our money. Finally, we have those spam emails that are created to expose us to malicious infections. This method has been employed by the attackers behind the malicious BabyShark, a Trojan that silently collects and leaks sensitive information after execution. If this dangerous threat is discovered, it must be removed as soon as possible, but even if you delete BabyShark, a great deal of damage could have been done already. Read more »

VBShower is a malicious application that was spread during Cloud Atlas attacks. So far, it is unknown who is behind these attacks, but it looks like their targets are all government entities, international organizations, and institutions alike. As one could imagine, gathering sensitive information could be the main malware’s task. It was reported that it has capabilities that allow it to avoid getting detected, which suggests the malicious application was meant to work silently in the background. In other words, it is doubtful a victim would notice its presence, which means it could stay on a system for a long time. Thus, institutions in the hackers’ radar are advised to be cautious. For more information on how VBShower works and where it comes from, we encourage you to read the rest of this report. Read more »

Monokle is the name you need to remember because it belongs to one of the most vicious Android apps out there. This malicious threat can use trojanized apps to slither into your device, and then it can manipulate it, steal information, and use various spying techniques. The victims of this malware are not safe because the attackers – and whoever gets access to the retrieved information – can know the physical location of the victim, can know where they are planning to be at specific times, and can spy on them using audio and video input. Basically, whoever has this malware on their device can become a victim of a serious attack, and even their physical security could be jeopardized. Due to the history of the infection and the complex spying abilities, it is believed that this malware was built to target very specific victims. Unfortunately, whatever the case might be, deleting Monokle might not be an easy option. Read more »

Most infections that malware experts deal with on a daily basis are infections targeted at the general public, and they can affect users regardless of their location or job title. However, infections that have specific targets do exist as well, and Rising Sun backdoor is one of those threats. Malware researchers inform that this infection was specifically designed to attack defense, energy, financial, and nuclear companies. Most victims of this malware were found in the United States; however, it has impacted organizations in South America, Europe, Africa, Asia, and Australia too. Read more »

A botnet is a network of computers/systems that are infected with the same kind of malware to perform cyber attacks on a large scale. Torii Botnet is one of the newest botnets to be uncovered, but it is believed to have been active for at least a year now. Most botnets are utilized for mass spam email attacks that could, for example, be used to spread ransomware or expose users to phishing scams. They can also be used for DDoS (distributed denial-of-service) attacks that are primarily meant to disrupt regular traffic to a server or network. Read more »