What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-12-06 14:00:00 | Password Stealers Aren\'t Letting up Any Time Soon (lien direct) | Password security has always been a challenge. Brute force attacks are constantly getting more powerful, but they aren’t the only threat you have to worry about. A range of password stealing malware continues to grow in popularity. One example, Agent Tesla, has seen its detection rate grow 100% in just three months, according to data from LastLine. Despite this rapid growth, Agent Tesla is far from the most popular. That title goes to Pony, which represents 39% of the total password stealer detections, according to Blueliv’s 2018 report, The Credential Theft Ecosystem. LokiPWS and KeyBase trailed Pony at 28% and 16%, respectively. These password stealers are each capable of stealing credentials and other information from a wide variety of programs. Each is unique with its own techniques for delivery and a range of features that hackers can use to mount attacks. Despite the differences, each of these programs can have severe impacts on their victims. The negative impacts can range from having all of the money stolen from an individual’s accounts, to the theft of a company’s intellectual property. The key features of some of the most common password stealers are listed below: Agent Tesla Like most password stealers, Agent Tesla can access a wide variety of your information, ranging from your credentials to your keystrokes. It can even take screenshots and videos from your device’s camera. Agent Tesla targets a number of major programs, including web browsers, email clients, FTP applications and other commonly used software. Once Agent Tesla has been installed on a target’s computer, it can also be used to download other malware. This feature allows threat actors to intensify their attacks and make them even more devastating. Its pricing shows that the malware industry hasn’t been left behind in the X-as-a-service boom, because it is available as part of a plan that starts from $15 per month. This price includes all the 24/7 support someone might need to assist them in their criminal endeavors. Of course, payments are made in Bitcoin. Despite running what must have been an incredibly profitable business, Agent Tesla’s creators have recently posted an update stating it will crack down on illegal use of the program. Under its terms of service, it declares that the software must only be used within the law, but features such as anti-antivirus throw these intentions into question. Due to the recent media attention that Agent Tesla has received, the developers will strip some of its more questionable features, such as anti-antivirus and webcam capture. They also claim to be banning those who are using the program maliciously. Only time will tell whether the creators are sincere, or if this is merely an attempt to keep the authorities from knocking down their doors. Pony Pony is currently the most popular password stealer, but it’s certainly not new. In the past, it has been used to control a number of enormous botnets, which by 2013 had already stolen more than two million credential sets. In 2014, it involved into a series of attacks that stole $200,000 worth of cryptocurrencies, as well as 700,000 sets of credentials. In recent years, Pony has seen prominence as a loader alongside other malware, such as CryptoWall and Angler. These programs, a type of ransomware and an exploit kit, respective | Malware Threat | Tesla | |
 |
2018-10-22 19:55:03 | Who Is Agent Tesla? (lien direct) | A powerful, easy-to-use password stealing program known as Agent Tesla has been infecting computers since 2014, but recently this malware strain has seen a surge in popularity -- attracting more than 6,300 customers who pay monthly fees to license the software. Although Agent Tesla includes a multitude of features designed to help it remain undetected on host computers, the malware's apparent creator seems to have done little to hide his real-life identity. | Malware | Tesla | ★★ |
 |
2018-10-16 10:07:04 | Hackers tamper with exploit chain to drop Agent Tesla, circumvent antivirus solutions (lien direct) | A new campaign is spreading information-stealing malware including Agent Tesla and Loki. | Malware | Tesla | |
 |
2018-10-15 19:47:01 | New Technique Recycles Exploit Chain to Keep Antivirus Silent (lien direct) | In a new malware campaign, cybercriminals modified a known exploit chain to push Agent Tesla info stealer without triggering detection from common antivirus products. [...] | Malware | Tesla | |
|
2018-09-21 16:26:05 | Malware Disguised as Job Offers Distributed on Freelance Sites (lien direct) | Attackers are using freelance job sites such as fiverr and Freelancer to distribute malware disguised as job offers. These job offers contain attachments that pretends to be the job brief, but are actually installers for keyloggers such as Agent Tesla or Remote Access Trojan (RATs). [...] | Malware | Tesla | |
|
2018-09-11 13:00:00 | Explain Cryptojacking to Me (lien direct) | Last year, I wrote that ransomware was the summer anthem of 2017. At the time, it seemed impossible that the onslaught of global ransomware attacks like WannaCry and NotPetya would ever wane. But, I should have known better. Every summertime anthem eventually gets overplayed. This year, cryptojacking took over the airwaves, fueled by volatile global cryptocurrency markets. In the first half of 2018, detected cryptojacking attacks increased 141%, outpacing ransomware attacks. In this blog post, I’ll address cryptojacking: what it is, how it works, how to detect it, and why you should be tuning into this type of threat. What is Cryptojacking? Crytojacking definition: Cryptojacking is the act of using another’s computational resources without their knowledge or permission for cryptomining activities. By cryptojacking mobile devices, laptops, and servers, attackers effectively steal the CPU of your device to mine for cryptocurrencies like Bitcoin and Monero. Whereas traditional malware attacks target sensitive data that can be exploited for financial gain, like social security numbers and credit card information, cybercriminals that launch cryptojacking campaigns are more interested in your device’s computing power than your own personal data. To understand why, it’s helpful to consider the economics of cryptocurrency mining. Mining for cryptocurrencies like Bitcoin and Monero takes some serious computing resources to solve the complex algorithms used to discover new coins. These resources are not cheap, as anyone who pays their organization’s AWS bill or data center utility bill can attest to. So, in order for cryptocurrency mining to be profitable and worthwhile, the market value of the cryptocurrency must be higher than the cost of mining it – that is, unless you can eliminate the resource costs altogether by stealing others’ resources to do the mining for you. That’s exactly what cryptojacking attacks aim to do, to silently turn millions of devices into cryptomining bots, enabling cybercriminals to turn a profit without all the effort and uncertainty of collecting a ransom. Often, cryptojacking attacks are designed to evade detection by traditional antivirus tools so that they can quietly run in the background of the machine. Does this mean that all cryptomining activity is malicious? Well, it depends on who you ask. Cryptomining vs. Cryptojacking As the cryptocurrency markets have gained value and become more mainstream in recent years, we’ve seen a digital gold rush to cryptomine for new Bitcoin, and more recently, Monero. What began with early adopters and hobbyists building home rigs to mine for new coins has now given way to an entire economy of mining as a service, cryptoming server farms, and even cryptomining cafes. In this sense, cryptomining is, more or less, considered a legal and legitimate activity, one that could be further legitimized by a rumored $12 Billion Bitman IPO. Yet, the lines between cryptomining and cryptojacking are blurry. For example, the cryptomining “startup” Coinhive has positioned its technology as an alternative way to monetize a website, instead of by serving ads or charging a subscription. According to the website, the folks behind Coinhive, “dream about it as an alternative to micropayments, artificial wait time in online games, intrusive ads and dubious marketing tactics.” Yet at the same time, Coinhive has been one of the most common culprits found | Malware Threat | NotPetya Wannacry Tesla |
1
We have: 6 articles.
We have: 6 articles.
To see everything:
Our RSS (filtrered)
