Meltdown and Spectre: what you need to know

UPDATE (as of 1/04/18): Since the Malwarebytes Database Update 1.0.3624, all Malwarebytes users are able to receive the Microsoft patch to mitigate Meltdown. If you’ve been keeping up with computer news over the last few days, you might have heard about Meltdown and Spectre, and you might be wondering what they are and what they can …

Facebook phishers want you to “Connect with Facebook”

As we edge toward Christmas, scammers are throwing their own party—in the form of Facebook phishing pages linked to and from bogus landing pages hosted on sites(dot)google(dot)com URLs. These landing pages, adorned with very large and very fake “Login with Facebook” buttons, may be extra convincing to the unwary, due to a combination of the …

The seven most colossal data breaches of 2017

By Logan Strain. If it seems like the words “leak,” “compromised data,” and “breach” are constantly in the news, it’s not just you. The frequency of major data breaches is increasing. According to the Identity Theft Resource Center, the number of breaches is expected to top 1,500 in 2017. That’s a 37 percent annual increase …

There’s a hole in my bucket: Bitcoin scams aim to exploit volatile market

Bitcoin! Black gold! Texas tea! Only one of these is currently worth ridiculous amounts of money (and technically numbers two and three are the same thing). Whether you’re in possession of lots of Bitcoins, or in full bandwagon panic “must buy 20 graphics cards before the bubble bursts” mode, you should be aware that lots …

A state of constant uncertainty or uncertain constancy? Fast flux explained

Last August, WireX made headlines. For one thing, it was dubbed the first-known DDoS botnet that used the Android platform. For another, it used a technique that—for those who have been around in the industry for quite a while now—rang familiar in the ears: fast flux. In the context of cybersecurity, fast flux could refer …

A week in security (December 04 – December 10)

Posted: December 11, 2017 by Malwarebytes Labs. Last week on the blog, we looked at a RIG EK malware campaign, explored how children are being tangled up in money mule antics, took a walk through the world of Blockchain, and gave a rundown of what’s involved when securing web applications. We also laid out the trials …

How cryptocurrency mining works: Bitcoin vs. Monero

Ever wondered why websites that are mining in the background don’t mine for the immensely hot Bitcoin, but for Monero instead? We can explain that. As there are different types of cryptocurrencies, there are also different types of mining. After providing you with some background information about blockchain [1],[2] and cryptocurrency, we’ll explain how the …

Napoleon: a new version of Blind ransomware

The ransomware previously known as Blind has been spotted recently with a .napoleon extension and some additional changes. In this post, we’ll analyze the sample for its structure, behavior, and distribution method. Analyzed samples: 31126f48c7e8700a5d60c5222c8fd0c7 – Blind ransomware (the first variant), with .blind extension; 9eb7b2140b21ddeddcbf4cdc9671dca1 – Variant with .kill extension; 235b4fa8b8525f0a09e0c815dfc617d3 – .napoleon (main focus of …