Mobile Menace Monday: upping the ante on Adups

Adups is back on our radar. The same China-based company caught collecting an abundance of user data and creating a backdoor on mobile devices in 2016 has another malicious card to throw down. This time, it’s an auto installer we detect as Android/PUP.Riskware.Autoins.Fota. We thought they cleaned up their act When the headlines about Adups came … Read moreMobile Menace Monday: upping the ante on Adups

Tech support scammer tries to sell free software

AmericaGeeks is your typical tech support scam company, but with an extra warming glow of attitude, greed, and complete all-around rudeness. Most scams will gladly take your money by buttering up the victim while simultaneously scaring them into thinking that they are in a dangerous situation with their computer or device. They then swoop in … Read moreTech support scammer tries to sell free software

There’s a hole in my bucket: Bitcoin scams aim to exploit volatile market

Bitcoin! Black gold! Texas tea! Only one of these is currently worth ridiculous amounts of money (and technically numbers two and three are the same thing). Whether you’re in possession of lots of Bitcoins, or in full bandwagon panic “must buy 20 graphics cards before the bubble bursts” mode, you should be aware that lots … Read moreThere’s a hole in my bucket: Bitcoin scams aim to exploit volatile market

A state of constant uncertainty or uncertain constancy? Fast flux explained

Last August, WireX made headlines. For one thing, it was dubbed the first-known DDoS botnet that used the Android platform. For another, it used a technique that—for those who have been around in the industry for quite a while now—rung familiar in the ears: fast flux. In the context of cybersecurity, fast flux could refer … Read moreA state of constant uncertainty or uncertain constancy? Fast flux explained

A week in security (December 04 – December 10)

Posted: December 11, 2017 by Malwarebytes Labs Last week on the blog, we looked at a RIG EK malware campaign, explored how children are being tangled up in money mule antics, took a walk through the world of Blockchain, and gave a rundown of what’s involved when securing web applications. We also laid out the trials … Read moreA week in security (December 04 – December 10)

How cryptocurrency mining works: Bitcoin vs. Monero

Ever wondered why websites that are mining in the background don’t mine for the immensely hot Bitcoin, but for Monero instead? We can explain that. As there are different types of cryptocurrencies, there are also different types of mining. After providing you with some background information about blockchain [1],[2] and cryptocurrency, we’ll explain how the … Read moreHow cryptocurrency mining works: Bitcoin vs. Monero

Napoleon: a new version of Blind ransomware

The ransomware previously known as Blind has been spotted recently with a .napoleon extension and some additional changes. In this post, we’ll analyze the sample for its structure, behavior, and distribution method. Analyzed samples 31126f48c7e8700a5d60c5222c8fd0c7 – Blind ransomware (the first variant), with .blind extension 9eb7b2140b21ddeddcbf4cdc9671dca1 – Variant with .kill extension 235b4fa8b8525f0a09e0c815dfc617d3 – .napoleon (main focus of … Read moreNapoleon: a new version of Blind ransomware