
Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

This post is a deep dive on “Megatraffer,” a veteran Russian hacker who has practically cornered the underground market for malware-focused code-signing certificates since 2015. “Antivirus software trusts signed programs more. One of Megatraffer’s ads on an English-language cybercrime forum.

Malware 321

Who’s Behind the GandCrab Ransomware?

Krebs on Security

But GandCrab far eclipsed the success of competing ransomware affiliate programs largely because its authors worked assiduously to update the malware so that it could evade antivirus and other security defenses. It remains unclear how many individuals were active in the core GandCrab malware development team. of GandCrab.


Mariposa Botnet Author, Darkcode Crime Forum Admin Arrested in Germany

Krebs on Security

In December 2013, a Slovenian court sentenced Škorjanc to four years and ten months in prison for creating the malware that powered the ‘Mariposa’ botnet. Prosecutors say McCormick also was a reseller of the Mariposa botnet, the ZeuS banking trojan, and a bot malware he allegedly helped create called “Ngrbot.”


Former Russian Cybersecurity Chief Sentenced to 22 Years in Prison

Krebs on Security

In 2013, Vrublevsky was convicted of hiring his most-trusted spammer and malware writer to launch a crippling distributed denial-of-service (DDoS) attack against one of his company’s chief competitors. law enforcement and intelligence agencies.


Tracing the Supply Chain Attack on Android

Krebs on Security

What follows is a deep dive into the identity of that Chinese vendor, which appears to have a long and storied history of pushing the envelope on mobile malware. com — were implicated in propagating the Triada malware. net 2010-11-22 ALIBABA CLOUD COMPUTING (BEIJING) CO., “Yehuo” com, buydudu[.]com

Mobile 279

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

Initially a stealthy trojan horse program delivered via email and used to steal passwords, Trickbot evolved into “a highly modular malware suite that provides the Trickbot Group with the ability to conduct a variety of illegal cyber activities, including ransomware attacks,” the Treasury Department said. .” The Forbes.ru

Hacking 253

MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry

Security Affairs

Yoroi security firm uncovered a targeted attack against one of the most important companies in the Italian Naval Industry leveraging MartyMcFly Malware. Using an encrypted payload is quite a common way to evade antivirus, since the encrypted payload changes depending on the key used. Stage1: Encrypted Content. But what is the key?

Malware 111