Skimmer acts as payment service provider via rogue iframe

Even e-commerce sites that do not take payment information themselves can be abused by crooks. In this post, we show how a web skimmer is able to inject an artificial iframe into the checkout page to prompt users for their credit card information. Victims will only realize something’s not right when they are redirected to the real (and external) payment form.

Categories:

Tags:

(Read more…)

The post Skimmer acts as payment service provider via rogue iframe appeared first on Malwarebytes Labs.

Threat spotlight: CrySIS, aka Dharma ransomware, causing a crisis for businesses

CrySIS, aka Dharma, is a ransomware family making waves over the last two months, often being used in targeted attacks through RDP access. What other tricks are up its sleeve?

Categories:

Tags:

(Read more…)

The post Threat spotlight: CrySIS, aka Dharma ransomware, causing a crisis for businesses appeared first on Malwarebytes Labs.

Vital infrastructure: Threats target financial institutions, fintech, and cryptocurrencies

Losing trust in financial institutions can have a disrupting effect on society. And malware authors love to target these direct sources of money. How can we protect them?

Categories:

Tags:

(Read more…)

The post Vital infrastructure: Threats target financial institutions, fintech, and cryptocurrencies appeared first on Malwarebytes Labs.

Sophisticated threats plague ailing healthcare industry

Black hat hackers are after patient healthcare data, and such breaches will only intensify. Which forms of malware are behind the attacks? We take a look at the advanced threats targeting a sector struggling to keep up.

Categories:

Tags:

(Read more…)

The post Sophisticated threats plague ailing healthcare industry appeared first on Malwarebytes Labs.

Labs Cybercrime Tactics and Techniques report finds businesses hit with 235 percent more threats in Q1

The Labs team discovered that businesses are being targeted with 235 percent more threats than the previous year. Download the report and find out which threats are revving up, and which are dying out.

Categories:

Tags:

(Read more…)

The post Labs Cybercrime Tactics and Techniques report finds businesses hit with 235 percent more threats in Q1 appeared first on Malwarebytes Labs.

“Funky malware format” found in Ocean Lotus sample

Recently, one of our researchers presented at the SAS conference on “Funky malware formats”—atypical executable formats used by malware that are only loaded by proprietary loaders. In this post, we analyze one of those formats in a sample called Ocean Lotus from the APT 32 threat group in Vietnam.

Categories:

Tags:

(Read more…)

The post “Funky malware format” found in Ocean Lotus sample appeared first on Malwarebytes Labs.

A week in security (March 25 – 31)

A roundup of news stories from March 25 – 31, including phishing, hacking, Government studies, mobile dangers on official stores and more.

Categories:

Tags:

(Read more…)

The post A week in security (March 25 – 31) appeared first on Malwarebytes Labs.

Emotet revisited: pervasive threat still a danger to businesses

Emotet is often mentioned as one of the most annoying, effective, and costly present-day malware infections. We discuss the reasons why and the proper way to remove it.

Categories:

Tags:

(Read more…)

The post Emotet revisited: pervasive threat still a danger to businesses appeared first on Malwarebytes Labs.