Haythem Elmir

In Q4 2017 we found that the Necurs and Gamut botnets comprised 97% of spam botnet traffic. (See the McAfee Labs Threats Report, March 2018.) Necurs (at 60%) is currently the world’s largest spam botnet. The infected computers operate in a peer-to-peer model, with limited communication between the nodes and the control […]

Les experts en sécurité constatent une bascule dans les cibles de prédilection des cybercriminels qui préfèrent s’en prendre aux smartphones plutôt qu’aux ordinateurs. On vous explique pourquoi. Votre smartphone vous connaît sans doute mieux que vous-même. Il sait en permanence où vous vous trouvez, il connaît toutes les personnes auxquelles […]

According to Citizen Lab, some governments are using Sandvine network gear installed at internet service providers to deliver spyware and cryptocurrency miners. Researchers at human rights research group Citizen Lab have discovered that netizens in Turkey, Egypt and Syria who attempted to download legitimate Windows applications from official vendor websites (i.e. Avast […]

Windows Server, Apache Solr, and Redis servers have been targeted this week by cyber-criminals looking to take over unpatched machines and install malware that mines cryptocurrency (known as a coinminer). Two separate campaigns have been spotted, both very active this week. One by the Imperva crew, targeting Redis and Windows […]

It has been a pretty slow ransomware week as most of the malware developers have started pushing cryptominers. We did see the continued distribution of the GnuPG based Qwerty Ransomware and a new variant of the GandCrab ransomware that makes it secure again.   March 3rd 2018 New GlobeImposter discovered GrujaRS found a […]

A new ransomware has been discovered that utilizes the legitimate GnuPG, or GPG, encryption program to encrypt a victim’s files.  Currently in the wild, this ransomware is called Qwerty Ransomware and will encrypt a victims files, overwrite the originals, and the append the .qwerty extension to an encrypted file’s name. It […]