It’s Monday, which means we have a roundup!
Over the past week on Malwarebytes Unpacked, we’ve moved from a vulnerability disclosure and launch of a bug bounty program to a new form of Ransomware called DMA Locker. Nuclear Exploit Kit returned to cause problems with a large WordPress compromise campaign, and we weighed in on a problematic situation brewing over at BleepingComputer. We looked at a Weather App which would wait until a very specific date to pop a fake Blue Screen of Death (complete with tech support scam phone number), and the latest round of Malvertising we detected caused problems for readers of TMZ. Rounding off the week, we covered Amazon themed phishing mails on the hunt for logins and bank details, and the latest in a string of problems for the popular DayZ videogame.
As for the rest of the news…
- Fake Flash scareware targeting users of OS X.
- Someone compromised the Dridex Botnet and had it offer up a legitimate Antivirus product instead of the usual Malware.
- Google are taking the fight to websites with dubious “Download Now” buttons all over the place (especially problematic on download websites where you can’t…quite…figure out where the download you actually want is located).
- Skype threats can be extremely problematic given the potentially sensitive data they can get their hands on, and the T9000 can record conversations, steal files and grab screenshots.
- Toilet hire Malware? Toilet hire Malware.
- There are claims that up to 10,000 NASA machines could be infected with Malware.
- Were Israeli drones hacked and turned into live-feed monitoring stations?
- Users of TurboTax were warned to steer clear of a recent phishing campaign.
The Malwarebytes Labs Team